Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-12816 (GCVE-0-2025-12816)
Vulnerability from cvelistv5 – Published: 2025-11-25 19:15 – Updated: 2025-11-25 21:04
VLAI?
EPSS
Title
CVE-2025-12816
Summary
An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.
Severity ?
No CVSS data available.
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Digital Bazaar | node-forge |
Affected:
0 , ≤ 1.3.1
(semver)
|
|||||||
|
|||||||||
Credits
This issue was reported by Hunter Wodzenski of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-12816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T20:21:37.225634Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T20:24:22.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-25T21:04:09.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/521113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "node-forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"product": "forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This issue was reported by Hunter Wodzenski of Palo Alto Networks"
}
],
"descriptions": [
{
"lang": "en",
"value": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions."
}
],
"metrics": [
{
"other": {
"content": {
"schemaVersion": "2.0.0",
"selections": [
{
"definition": "The present state of exploitation of the vulnerability.",
"key": "E",
"name": "Exploitation",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Public PoC"
}
],
"version": "1.1.0"
},
{
"definition": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
"key": "A",
"name": "Automatable",
"namespace": "ssvc",
"values": [
{
"key": "N",
"name": "No"
}
],
"version": "2.0.0"
},
{
"definition": "The technical impact of the vulnerability.",
"key": "TI",
"name": "Technical Impact",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Partial"
}
],
"version": "1.0.0"
}
],
"timestamp": "2025-11-07T15:47:01.238Z"
},
"type": "ssvcV2_0_0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-436 Interpretation Conflict",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T19:29:31.487Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.npmjs.com/package/node-forge"
},
{
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"url": "https://github.com/digitalbazaar/forge"
},
{
"name": "CERT/CC Vulnerability Notice",
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"name": "Github Security Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-12816",
"x_generator": {
"engine": "VINCE 3.0.29",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12816"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-12816",
"datePublished": "2025-11-25T19:15:50.243Z",
"dateReserved": "2025-11-06T17:11:38.255Z",
"dateUpdated": "2025-11-25T21:04:09.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-12816",
"date": "2026-04-15",
"epss": "0.00077",
"percentile": "0.23009"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-12816\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2025-11-25T20:15:58.870\",\"lastModified\":\"2026-01-02T19:02:08.980\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-436\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digitalbazaar:forge:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.3.1\",\"matchCriteriaId\":\"F1BD404D-0F0B-495C-A5FF-F684D208E44D\"}]}]}],\"references\":[{\"url\":\"https://github.com/digitalbazaar/forge\",\"source\":\"cret@cert.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/digitalbazaar/forge/pull/1124\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq\",\"source\":\"cret@cert.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://kb.cert.org/vuls/id/521113\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/node-forge\",\"source\":\"cret@cert.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/521113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/521113\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-25T21:04:09.432Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12816\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-25T20:21:37.225634Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-436\", \"description\": \"CWE-436 Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-25T20:23:29.293Z\"}}], \"cna\": {\"title\": \"CVE-2025-12816\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This issue was reported by Hunter Wodzenski of Palo Alto Networks\"}], \"metrics\": [{\"other\": {\"type\": \"ssvcV2_0_0\", \"content\": {\"timestamp\": \"2025-11-07T15:47:01.238Z\", \"selections\": [{\"key\": \"E\", \"name\": \"Exploitation\", \"values\": [{\"key\": \"P\", \"name\": \"Public PoC\"}], \"version\": \"1.1.0\", \"namespace\": \"ssvc\", \"definition\": \"The present state of exploitation of the vulnerability.\"}, {\"key\": \"A\", \"name\": \"Automatable\", \"values\": [{\"key\": \"N\", \"name\": \"No\"}], \"version\": \"2.0.0\", \"namespace\": \"ssvc\", \"definition\": \"Can an attacker reliably automate creating exploitation events for this vulnerability?\"}, {\"key\": \"TI\", \"name\": \"Technical Impact\", \"values\": [{\"key\": \"P\", \"name\": \"Partial\"}], \"version\": \"1.0.0\", \"namespace\": \"ssvc\", \"definition\": \"The technical impact of the vulnerability.\"}], \"schemaVersion\": \"2.0.0\"}}}], \"affected\": [{\"vendor\": \"Digital Bazaar\", \"product\": \"node-forge\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.1\"}]}, {\"vendor\": \"Digital Bazaar\", \"product\": \"forge\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.1\"}]}], \"references\": [{\"url\": \"https://www.npmjs.com/package/node-forge\"}, {\"url\": \"https://github.com/digitalbazaar/forge/pull/1124\"}, {\"url\": \"https://github.com/digitalbazaar/forge\"}, {\"url\": \"https://kb.cert.org/vuls/id/521113\", \"name\": \"CERT/CC Vulnerability Notice\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq\", \"name\": \"Github Security Advisory\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"env\": \"prod\", \"engine\": \"VINCE 3.0.29\", \"origin\": \"https://cveawg.mitre.org/api/cve/CVE-2025-12816\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-436 Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"shortName\": \"certcc\", \"dateUpdated\": \"2025-11-25T19:29:31.487Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-12816\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-25T21:04:09.432Z\", \"dateReserved\": \"2025-11-06T17:11:38.255Z\", \"assignerOrgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"datePublished\": \"2025-11-25T19:15:50.243Z\", \"assignerShortName\": \"certcc\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SSA-485750
Vulnerability from csaf_siemens - Published: 2026-03-10 00:00 - Updated: 2026-03-10 00:00Summary
SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800
Notes
Summary: SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.
Siemens has released a new version of SIDIS Prime and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
8.7 (High)
Vendor Fix
Update to V4.0.800 or later version
5.3 (Medium)
Vendor Fix
Update to V4.0.800 or later version
4.3 (Medium)
Vendor Fix
Update to V4.0.800 or later version
7.5 (High)
Vendor Fix
Update to V4.0.800 or later version
6.5 (Medium)
Vendor Fix
Update to V4.0.800 or later version
5.3 (Medium)
Vendor Fix
Update to V4.0.800 or later version
7.5 (High)
Vendor Fix
Update to V4.0.800 or later version
5.3 (Medium)
Vendor Fix
Update to V4.0.800 or later version
8.6 (High)
Vendor Fix
Update to V4.0.800 or later version
8.0 (High)
Vendor Fix
Update to V4.0.800 or later version
4.5 (Medium)
Vendor Fix
Update to V4.0.800 or later version
8.0 (High)
Vendor Fix
Update to V4.0.800 or later version
References
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.\n\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
},
{
"category": "self",
"summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
}
],
"title": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800",
"tracking": {
"current_release_date": "2026-03-10T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-485750",
"initial_release_date": "2026-03-10T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-10T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c4.0.800",
"product": {
"name": "SIDIS Prime",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SIDIS Prime"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-30171"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-41996",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41996"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "summary",
"text": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7783",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.\r\n\r\nThis issue affects form-data: \u003c 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-7783"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-9232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9232"
},
{
"cve": "CVE-2025-9670",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "summary",
"text": "A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9670"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"notes": [
{
"category": "summary",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: \u003c 6.14.1.\n\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1\u0026a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1\u0026a[1]=2) but completely bypasses it for bracket notation (a[]=1\u0026a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === \u0027[]\u0027 \u0026\u0026 options.parseArrays) {\n obj = utils.combine([], leaf); // No arrayLimit check\n}\n\n\n\n\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index \u003c= options.arrayLimit) { // Limit checked here\n obj = [];\n obj[index] = leaf;\n}\n\n\n\n\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index \u003c= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\n\n\n\n\nconst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026a[]=2\u0026a[]=3\u0026a[]=4\u0026a[]=5\u0026a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length); // Output: 6 (should be max 5)\n\n\n\n\n\nTest 2 - DoS demonstration:\n\nconst qs = require(\u0027qs\u0027);\nconst attack = \u0027a[]=\u0027 + Array(10000).fill(\u0027x\u0027).join(\u0027\u0026a[]=\u0027);\nconst result = qs.parse(attack, { arrayLimit: 100 });\nconsole.log(result.a.length); // Output: 10000 (should be max 100)\n\n\n\n\n\nConfiguration:\n\n * arrayLimit: 5\u00a0(test 1) or arrayLimit: 100\u00a0(test 2)\n * Use bracket notation: a[]=value\u00a0(not indexed a[0]=value)\n\n\nImpactDenial of Service via memory exhaustion. Affects applications using qs.parse()\u00a0with user-controlled input and arrayLimit\u00a0for protection.\n\nAttack scenario:\n\n * Attacker sends HTTP request: GET /api/search?filters[]=x\u0026filters[]=x\u0026...\u0026filters[]=x\u00a0(100,000+ times)\n * Application parses with qs.parse(query, { arrayLimit: 100 })\n * qs ignores limit, parses all 100,000 elements into array\n * Server memory exhausted \u2192 application crashes or becomes unresponsive\n * Service unavailable for all users\nReal-world impact:\n\n * Single malicious request can crash server\n * No authentication required\n * Easy to automate and scale\n * Affects any endpoint parsing query strings with bracket notation",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-58751",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or `server.host` config option), use the public directory feature (enabled by default), and have a symlink in the public directory are affected. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58751"
},
{
"cve": "CVE-2025-58752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or server.host config option) and use `appType: \u0027spa\u0027` (default) or `appType: \u0027mpa\u0027` are affected. This vulnerability also affects the preview server. The preview server allowed HTML files not under the output directory to be served. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58752"
},
{
"cve": "CVE-2025-58754",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: \u0027stream\u0027`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-58754"
},
{
"cve": "CVE-2025-62522",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended with \\ when the dev server is running on Windows. Only apps explicitly exposing the Vite dev server to the network and running the dev server on Windows were affected. This issue has been patched in versions 5.4.21, 6.4.1, 7.0.8, and 7.1.11.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-62522"
},
{
"cve": "CVE-2025-64718",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "summary",
"text": "js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-64718"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-64756"
},
{
"cve": "CVE-2025-66030",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66030"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "summary",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66031"
},
{
"cve": "CVE-2025-66035",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular\u0027s HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66035"
},
{
"cve": "CVE-2025-66412",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-66412"
},
{
"cve": "CVE-2025-69277",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"notes": [
{
"category": "summary",
"text": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren\u0027t in the main cryptographic group.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-69277"
},
{
"cve": "CVE-2026-22610",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular\u2019s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG \u003cscript\u003e elements as a Resource URL context. This issue has been patched in versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.0.800 or later version",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2026-22610"
}
]
}
SUSE-SU-2026:0628-1
Vulnerability from csaf_suse - Published: 2026-02-25 09:44 - Updated: 2026-02-25 09:44Summary
Security update 5.1.2 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.2 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization around source building
golang-github-boynux-squid_exporter:
- Update to version 1.13.0 (jsc#PED-14971)
- Add support for squid-internal-mgr path for metrics.
- Update to version 1.12.0
- Add TLS and basic authentication support for the web interface.
- Update to version 1.11.0
- Allow adding custom labels to all metrics.
- Update to version 1.10.0
- Add ability to configure the exporter using environment variables.
- Add support for Squid 6
- Add `squid_up` metric
- Add `squid_scrape_duration_seconds` metric
- Add `squid_scrape_error` metric
- Update to version 1.9.0
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.
- Update to version 1.8.0
- Add various service time metrics to provide more detailed performance data.
- Update to version 1.7.0
- Add support for basic authentication against the Squid proxy.
- Fix `squid_client_http_requests_total` metric
- Upstream changes for v1.9.0:
- Use `CAP_DAC_READ_SEARCH` capability to allow
reading process information without running as root.
- Upstream changes for v1.8.0:
- Add various service time metrics to provide more detailed
performance data.
- Upstream changes for v1.7.0:
Squid proxy.Update to version 1.10.0
- Add ability to configure the exporter using environment
variables.
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process
information without running as root.
- Add various service time metrics to provide more detailed
performance data.
- Add support for basic authentication against the Squid proxy.
- Use current distro go default version. Use auto-versioning
on SUSE as well.
golang-github-lusitaniae-apache_exporter:
- Build without apparmor for openSUSE Leap 16, SLES 16 or newer
- Update to version 1.0.10
* Update github.com/prometheus/client_golang to 1.21.1
* Update github.com/prometheus/common to 0.63.0
* Update github.com/prometheus/exporter-toolkit to 0.14.0
- Update to version 1.0.9
* Update github.com/prometheus/client_golang to 1.20.4
* Update github.com/prometheus/common to 0.59.1
* Update github.com/prometheus/exporter-toolkit to 0.13.0
* Migrate logging to log/slog
* Fix signal handler logging
golang-github-prometheus-alertmanager:
- Require gcc11-c++ for building with SLE 12
golang-github-prometheus-node_exporter:
- Require gcc11-c++ for building with SLE 12
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Update to 3.5.0 (jsc#PED-13824):
This is a Long-Term Support (LTS) release.
* [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.
- Update to 3.4.0:
* [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional feature.
* [FEATURE] UI: Show detailed relabeling steps for each discovered target.
* [ENHANCEMENT] Alerting: Add 'unknown' state for alerting rules that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
'created timestamp' (CT) is now called 'start timestamp' (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
This release includes new features such as a brand new UI and
UTF-8 support enabled by default.
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
This release brings a release candidate of a major new version of
Remote Write: 2.0.
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized
to 0.
* [CHANGE] API: Split warnings from info annotations in API response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
- Require gcc11-c++ for building with SLE 12
grafana:
- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)
mgr-push:
- Version 5.1.5-0
* Non-customer-facing optimization and update
prometheus-blackbox_exporter:
- Non-customer-facing optimization and update
rhnlib:
- Version 5.1.4-0
* Non-customer-facing optimization and update
spacecmd:
- Version 5.1.12-0
* Fix spacecmd binary file upload (bsc#1253659)
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix methods in api namespace in spacecmd (bsc#1249532)
* Make caching code Py 2.7 compatible
* Use JSON instead of pickle for spacecmd
cache (bsc#1227579)
* Python 2.7 cannot re-raise exceptions
spacewalk-client-tools:
- Version 5.1.8-0
* Non-customer-facing optimization and update
supportutils-plugin-susemanager-client:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-common-libs:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-tools:
- Version 5.1.24-0
* Actually use the --dbupgrade-tag parameter when computing the
image URL (bsc#1249400)
* Handle CA files with symlinks during migration (bsc#1251044)
* Adjust traefik exposed configuration for chart v27+ (bsc#1247721)
* Fix systemd object initialization in server rename. (bsc#1250981)
* Add SSL secrets to the db setup container during migration. (bsc#1250976)
* Fix images handling in mgrpxy support ptf (bsc#1250940)
* Fix helm upgrade parameters (bsc#1253966)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Move the SSL checks at the beginning of the migration
* Remove cgroup mount for podman containers (bsc#1253347)
* Convert the traefik install time to local time (bsc#1251138)
* During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)
* Read env var from http conf file (bsc#1253282)
* Add --registry-host, --registry-user and --registry-password
to pull images from an authenticate registry
* Deprecate --registry
* Unify backup create and restore dryrun option case
* Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)
* Always start database container even if enabled
* Remove extra ipv6 mapping and nftables workaround (bsc#1248848)
* Remove old PostgreSQL exporter environment file before migration
* Support config command parse correctly supportconfig output (bsc#1255781)
Patchnames: SUSE-2026-628,SUSE-MultiLinuxManagerTools-SLE-12-2026-628
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-boynux-squid_exporter:\n\n- Update to version 1.13.0 (jsc#PED-14971)\n - Add support for squid-internal-mgr path for metrics.\n- Update to version 1.12.0\n - Add TLS and basic authentication support for the web interface.\n- Update to version 1.11.0\n - Allow adding custom labels to all metrics.\n- Update to version 1.10.0\n - Add ability to configure the exporter using environment variables.\n - Add support for Squid 6\n - Add `squid_up` metric\n - Add `squid_scrape_duration_seconds` metric\n - Add `squid_scrape_error` metric\n- Update to version 1.9.0\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.\n- Update to version 1.8.0\n - Add various service time metrics to provide more detailed performance data.\n- Update to version 1.7.0\n - Add support for basic authentication against the Squid proxy.\n - Fix `squid_client_http_requests_total` metric\n- Upstream changes for v1.9.0:\n - Use `CAP_DAC_READ_SEARCH` capability to allow\n reading process information without running as root.\n- Upstream changes for v1.8.0:\n - Add various service time metrics to provide more detailed\n performance data.\n- Upstream changes for v1.7.0:\n Squid proxy.Update to version 1.10.0\n - Add ability to configure the exporter using environment\n variables.\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process\n information without running as root.\n - Add various service time metrics to provide more detailed\n performance data.\n - Add support for basic authentication against the Squid proxy.\n- Use current distro go default version. Use auto-versioning\n on SUSE as well.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Build without apparmor for openSUSE Leap 16, SLES 16 or newer\n- Update to version 1.0.10\n * Update github.com/prometheus/client_golang to 1.21.1\n * Update github.com/prometheus/common to 0.63.0\n * Update github.com/prometheus/exporter-toolkit to 0.14.0\n- Update to version 1.0.9\n * Update github.com/prometheus/client_golang to 1.20.4\n * Update github.com/prometheus/common to 0.59.1\n * Update github.com/prometheus/exporter-toolkit to 0.13.0\n * Migrate logging to log/slog\n * Fix signal handler logging\n\ngolang-github-prometheus-alertmanager:\n\n- Require gcc11-c++ for building with SLE 12\n\ngolang-github-prometheus-node_exporter:\n\n- Require gcc11-c++ for building with SLE 12\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Update to 3.5.0 (jsc#PED-13824):\n This is a Long-Term Support (LTS) release.\n * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.\n- Update to 3.4.0:\n * [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional feature.\n * [FEATURE] UI: Show detailed relabeling steps for each discovered target.\n * [ENHANCEMENT] Alerting: Add \u0027unknown\u0027 state for alerting rules that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.\n- Update to 3.3.0:\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.\n- Update to 3.2.0:\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n- Update to 3.1.0:\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \u0027created timestamp\u0027 (CT) is now called \u0027start timestamp\u0027 (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n- Update to 3.0.1:\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n- Update to 3.0.0:\n This release includes new features such as a brand new UI and\n UTF-8 support enabled by default.\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n- Update to 2.55.0:\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n- Update to 2.54.0:\n This release brings a release candidate of a major new version of\n Remote Write: 2.0.\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized\n to 0.\n * [CHANGE] API: Split warnings from info annotations in API response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n- Require gcc11-c++ for building with SLE 12\n\ngrafana:\n\n- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n\nmgr-push:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nprometheus-blackbox_exporter:\n\n- Non-customer-facing optimization and update\n\nrhnlib:\n\n- Version 5.1.4-0\n * Non-customer-facing optimization and update \n\nspacecmd:\n\n- Version 5.1.12-0\n * Fix spacecmd binary file upload (bsc#1253659)\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix methods in api namespace in spacecmd (bsc#1249532)\n * Make caching code Py 2.7 compatible\n * Use JSON instead of pickle for spacecmd\n cache (bsc#1227579)\n * Python 2.7 cannot re-raise exceptions\n\nspacewalk-client-tools:\n\n- Version 5.1.8-0\n * Non-customer-facing optimization and update\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-common-libs:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-tools:\n\n- Version 5.1.24-0\n * Actually use the --dbupgrade-tag parameter when computing the\n image URL (bsc#1249400)\n * Handle CA files with symlinks during migration (bsc#1251044)\n * Adjust traefik exposed configuration for chart v27+ (bsc#1247721)\n * Fix systemd object initialization in server rename. (bsc#1250981)\n * Add SSL secrets to the db setup container during migration. (bsc#1250976)\n * Fix images handling in mgrpxy support ptf (bsc#1250940)\n * Fix helm upgrade parameters (bsc#1253966)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Move the SSL checks at the beginning of the migration\n * Remove cgroup mount for podman containers (bsc#1253347)\n * Convert the traefik install time to local time (bsc#1251138)\n * During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)\n * Read env var from http conf file (bsc#1253282)\n * Add --registry-host, --registry-user and --registry-password\n to pull images from an authenticate registry\n * Deprecate --registry\n * Unify backup create and restore dryrun option case\n * Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)\n * Always start database container even if enabled\n * Remove extra ipv6 mapping and nftables workaround (bsc#1248848)\n * Remove old PostgreSQL exporter environment file before migration\n * Support config command parse correctly supportconfig output (bsc#1255781)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-628,SUSE-MultiLinuxManagerTools-SLE-12-2026-628",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0628-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0628-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260628-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0628-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024392.html"
},
{
"category": "self",
"summary": "SUSE Bug 1227579",
"url": "https://bugzilla.suse.com/1227579"
},
{
"category": "self",
"summary": "SUSE Bug 1247644",
"url": "https://bugzilla.suse.com/1247644"
},
{
"category": "self",
"summary": "SUSE Bug 1247721",
"url": "https://bugzilla.suse.com/1247721"
},
{
"category": "self",
"summary": "SUSE Bug 1248848",
"url": "https://bugzilla.suse.com/1248848"
},
{
"category": "self",
"summary": "SUSE Bug 1249400",
"url": "https://bugzilla.suse.com/1249400"
},
{
"category": "self",
"summary": "SUSE Bug 1249532",
"url": "https://bugzilla.suse.com/1249532"
},
{
"category": "self",
"summary": "SUSE Bug 1250940",
"url": "https://bugzilla.suse.com/1250940"
},
{
"category": "self",
"summary": "SUSE Bug 1250976",
"url": "https://bugzilla.suse.com/1250976"
},
{
"category": "self",
"summary": "SUSE Bug 1250981",
"url": "https://bugzilla.suse.com/1250981"
},
{
"category": "self",
"summary": "SUSE Bug 1251044",
"url": "https://bugzilla.suse.com/1251044"
},
{
"category": "self",
"summary": "SUSE Bug 1251138",
"url": "https://bugzilla.suse.com/1251138"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253282",
"url": "https://bugzilla.suse.com/1253282"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1253966",
"url": "https://bugzilla.suse.com/1253966"
},
{
"category": "self",
"summary": "SUSE Bug 1254478",
"url": "https://bugzilla.suse.com/1254478"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
}
],
"title": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-02-25T09:44:32Z",
"generator": {
"date": "2026-02-25T09:44:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0628-1",
"initial_release_date": "2026-02-25T09:44:32Z",
"revision_history": [
{
"date": "2026-02-25T09:44:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.aarch64",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.aarch64",
"product_id": "grafana-11.5.10-120002.4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"product_id": "mgrctl-5.1.24-120002.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-push-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "mgr-push-5.1.5-120002.3.6.1.noarch",
"product_id": "mgr-push-5.1.5-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-lang-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"product_id": "python2-mgr-push-5.1.5-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"product": {
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"product_id": "python2-rhnlib-5.1.4-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product": {
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product_id": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.12-120002.3.6.1.noarch",
"product": {
"name": "spacecmd-5.1.12-120002.3.6.1.noarch",
"product_id": "spacecmd-5.1.12-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product_id": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.ppc64le",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.ppc64le",
"product_id": "grafana-11.5.10-120002.4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"product_id": "mgrctl-5.1.24-120002.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.s390x",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.s390x",
"product_id": "grafana-11.5.10-120002.4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.s390x",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.s390x",
"product_id": "mgrctl-5.1.24-120002.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.x86_64",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.x86_64",
"product_id": "grafana-11.5.10-120002.4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"product_id": "mgrctl-5.1.24-120002.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "mgr-push-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch"
},
"product_reference": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
},
"product_reference": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.12-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch"
},
"product_reference": "spacecmd-5.1.12-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:44:32Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:44:32Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
}
]
}
SUSE-SU-2026:1008-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:07 - Updated: 2026-03-25 10:07Summary
Security update for Prometheus
Severity
Important
Notes
Title of the patch: Security update for Prometheus
Description of the patch: This update for Prometheus fixes the following issues:
golang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter:
- Internal changes to fix build issues with no impact for customers
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)
* CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)
* CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)
* CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):
* Modernized Interface: Introduced a brand-new UI
* Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support
for more secure, native cloudauthentication.
* Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental
to a stable feature.
* Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending
data to external systems.
* Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping
operations.
* Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier
to troubleshoot why targets aren't reporting correctly.
* Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were
accidentally being scraped multiple times.
Patchnames: SUSE-2026-1008,SUSE-SLE-Manager-Tools-15-2026-1008,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1008,SUSE-SLE-Module-Basesystem-15-SP7-2026-1008,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1008,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1008,openSUSE-SLE-15.6-2026-1008
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Prometheus ",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for Prometheus fixes the following issues:\n\ngolang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter: \n\n- Internal changes to fix build issues with no impact for customers \n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)\n * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)\n * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)\n * CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):\n\n * Modernized Interface: Introduced a brand-new UI\n * Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support\n for more secure, native cloudauthentication.\n * Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental\n to a stable feature.\n * Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending\n data to external systems.\n * Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping\n operations.\n * Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier\n to troubleshoot why targets aren\u0027t reporting correctly.\n * Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were\n accidentally being scraped multiple times.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1008,SUSE-SLE-Manager-Tools-15-2026-1008,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1008,SUSE-SLE-Module-Basesystem-15-SP7-2026-1008,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1008,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1008,openSUSE-SLE-15.6-2026-1008",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1008-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1008-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261008-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1008-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024921.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE Bug 1257442",
"url": "https://bugzilla.suse.com/1257442"
},
{
"category": "self",
"summary": "SUSE Bug 1257841",
"url": "https://bugzilla.suse.com/1257841"
},
{
"category": "self",
"summary": "SUSE Bug 1257897",
"url": "https://bugzilla.suse.com/1257897"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1615 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25547 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25547/"
}
],
"title": "Security update for Prometheus ",
"tracking": {
"current_release_date": "2026-03-25T10:07:27Z",
"generator": {
"date": "2026-03-25T10:07:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1008-1",
"initial_release_date": "2026-03-25T10:07:27Z",
"revision_history": [
{
"date": "2026-03-25T10:07:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.i586",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
},
{
"cve": "CVE-2025-61140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61140"
}
],
"notes": [
{
"category": "general",
"text": "The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61140",
"url": "https://www.suse.com/security/cve/CVE-2025-61140"
},
{
"category": "external",
"summary": "SUSE Bug 1257442 for CVE-2025-61140",
"url": "https://bugzilla.suse.com/1257442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-61140"
},
{
"cve": "CVE-2026-1615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1615"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environments or Cross-site Scripting (XSS) in browser contexts. This affects all methods that evaluate JSON Paths against objects, including .query, .nodes, .paths, .value, .parent, and .apply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1615",
"url": "https://www.suse.com/security/cve/CVE-2026-1615"
},
{
"category": "external",
"summary": "SUSE Bug 1257897 for CVE-2026-1615",
"url": "https://bugzilla.suse.com/1257897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "critical"
}
],
"title": "CVE-2026-1615"
},
{
"cve": "CVE-2026-25547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25547"
}
],
"notes": [
{
"category": "general",
"text": "@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process. This issue has been patched in version 5.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25547",
"url": "https://www.suse.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "SUSE Bug 1257834 for CVE-2026-25547",
"url": "https://bugzilla.suse.com/1257834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2026-25547"
}
]
}
SUSE-SU-2026:20232-1
Vulnerability from csaf_suse - Published: 2026-02-05 10:43 - Updated: 2026-02-05 10:43Summary
Security update for golang-github-prometheus-prometheus
Severity
Important
Notes
Title of the patch: Security update for golang-github-prometheus-prometheus
Description of the patch: This update for golang-github-prometheus-prometheus fixes the following issues:
Update to version 3.5.0:
Security issues fixed:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global (bsc#1257329).
- CVE-2025-12816: interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588).
Other updates and bugfixes:
- Update to 3.5.0 (jsc#PED-13824):
* [FEATURE] Remote-write: Add support for Azure Workload Identity
as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and
ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with
custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter
reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to
targets page.
- Update to 3.4.0:
* Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional
feature.
* [FEATURE] UI: Show detailed relabeling steps for each
discovered target.
* [ENHANCEMENT] Alerting: Add "unknown" state for alerting rules
that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be
cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus
Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has
been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
"created timestamp" (CT) is now called "start timestamp" (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and
queue_highest_sent_timestamp_seconds metrics now initialized to
0.
* [CHANGE] API: Split warnings from info annotations in API
response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
Patchnames: SUSE-SLES-16.0-243
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for golang-github-prometheus-prometheus",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for golang-github-prometheus-prometheus fixes the following issues:\n\nUpdate to version 3.5.0:\n\nSecurity issues fixed:\n\n- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global (bsc#1257329).\n- CVE-2025-12816: interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588).\n\nOther updates and bugfixes:\n\n- Update to 3.5.0 (jsc#PED-13824):\n\n * [FEATURE] Remote-write: Add support for Azure Workload Identity\n as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and\n ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with\n custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter\n reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to\n targets page.\n\n- Update to 3.4.0:\n\n * Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional\n feature.\n * [FEATURE] UI: Show detailed relabeling steps for each\n discovered target.\n * [ENHANCEMENT] Alerting: Add \"unknown\" state for alerting rules\n that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be\n cleared on startup.\n\n- Update to 3.3.0:\n\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus\n Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has\n been removed.\n\n- Update to 3.2.0:\n\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n\n- Update to 3.1.0:\n\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \"created timestamp\" (CT) is now called \"start timestamp\" (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n\n- Update to 3.0.1:\n\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n\n- Update to 3.0.0:\n\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n\n- Update to 2.55.0:\n\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n\n- Update to 2.54.0:\n\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and\n queue_highest_sent_timestamp_seconds metrics now initialized to\n 0.\n * [CHANGE] API: Split warnings from info annotations in API\n response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-243",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20232-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20232-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620232-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20232-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024095.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
}
],
"title": "Security update for golang-github-prometheus-prometheus",
"tracking": {
"current_release_date": "2026-02-05T10:43:17Z",
"generator": {
"date": "2026-02-05T10:43:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20232-1",
"initial_release_date": "2026-02-05T10:43:17Z",
"revision_history": [
{
"date": "2026-02-05T10:43:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T10:43:17Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T10:43:17Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
}
]
}
SUSE-SU-2026:1013-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:11 - Updated: 2026-03-25 10:11Summary
Security update 5.0.7 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.0.7 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
dracut-saltboot:
- Version update to 1.1.0:
* Retry DHCP requests up to 3 times (bsc#1253004)
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization and update
golang-github-boynux-squid_exporter:
- Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes (jsc#PED-14971):
* Added compatibility for Squid 6 and support for the squid-internal-mgr metrics path
* Added TLS and Basic Authentication to the exporter’s web interface
* Added support for the exporter to authenticate against the Squid proxy itself
* Allow the gathering of process information without requiring root privileges
* The exporter can now be configured using environment variables
* Added support for custom labels to all exported metrics for better data filtering
* New metrics to track if Squid is running (squid_up), how long a scrape takes, and if any errors occurred
* Added 'service time' metrics to analyze proxy speed and performance.
* Added a metric for open file descriptors (process_open_fds) to help prevent connection bottlenecks
* Corrected the squid_client_http_requests_total metric to ensure accurate reporting
golang-github-lusitaniae-apache_exporter:
- Version update from 1.0.8 to 1.0.10:
* Updated github.com/prometheus/client_golang to 1.21.1
* Updated github.com/prometheus/common to 0.63.0
* Updated github.com/prometheus/exporter-toolkit to 0.14.0
* Fixed signal handler logging
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)
* CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)
* CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)
* CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):
* Modernized Interface: Introduced a brand-new UI
* Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support
for more secure, native cloudauthentication.
* Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental
to a stable feature.
* Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending
data to external systems.
* Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping
operations
* Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier
to troubleshoot why targets aren't reporting correctly.
* Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were
accidentally being scraped multiple times
grafana:
- Security issues fixed:
* CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136)
* CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337)
* CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349)
* CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340)
* CVE-2025-3415: Fixedexposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)
- Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes:
* Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and
removed blurred backgrounds from UI overlays to speed up the interface
* One-Click Actions: Visualizations now support faster navigation via one-click links and actions
* Alerting History: Added version history for alert rules, allowing you to track changes over time
* Service Accounts: Automated the migration of old API keys to more secure Service Accounts upon startup
* Cron Support: Annotations now support Cron syntax for more flexible scheduling
* Identity and Auth: Hardened the Avatar feature (now requires sign-in) and fixed several login redirection issues
when Grafana is hosted on a subpath
* Data Source Support: Added support for Cloud Partner Prometheus data sources and improved Azure legend formatting
* Alerting Limits: Added size limits for expanded notification templates to prevent system strain
* RBAC: Integrated Role-Based Access Control (RBAC) into the Alertmanager via the reqAction field
* Data Consistency: Fixed several issues with Graphite and InfluxDB regarding how variables are handled in repeated
rows or nested queries
* Dashboard Reliability: Resolved bugs involving row repeats and 'self-referencing' data links
* Alerting Fixes: Patched a critical 'panic' (crash) caused by a race condition in alert rules and fixed issues where
contact points weren't working correctly
* URL Handling: Fixed a bug where 'true' values in URL parameters weren't being read correctly
prometheus-blackbox_exporter:
- Non-customer-facing optimization and update
spacecmd:
- Version update to 5.0.15:
* Fixed typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to integer values (bsc#1251995)
* Fixed spacecmd binary file upload (bsc#1253659)
uyuni-tools:
- Version update to 0.1.38:
* Fixed cobbler configuration when migrating to standalone files (bsc#1256803)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Ignore supportconfig errors (bsc#1255781)
* Bumped the default image tag to 5.0.7
* Removed cgroup mount for podman containers (bsc#1253347)
* Registry flag can be a string (bsc#1254589)
* Use static supportconfig name to avoid dynamic search (bsc#1257941)
Patchnames: SUSE-2026-1013,SUSE-SLE-Manager-Tools-15-2026-1013,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1013,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1013,openSUSE-SLE-15.6-2026-1013
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.0.7 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndracut-saltboot:\n\n- Version update to 1.1.0:\n\n * Retry DHCP requests up to 3 times (bsc#1253004)\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization and update\n\ngolang-github-boynux-squid_exporter:\n\n- Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes (jsc#PED-14971):\n\n * Added compatibility for Squid 6 and support for the squid-internal-mgr metrics path\n * Added TLS and Basic Authentication to the exporter\u2019s web interface\n * Added support for the exporter to authenticate against the Squid proxy itself\n * Allow the gathering of process information without requiring root privileges\n * The exporter can now be configured using environment variables\n * Added support for custom labels to all exported metrics for better data filtering\n * New metrics to track if Squid is running (squid_up), how long a scrape takes, and if any errors occurred\n * Added \u0027service time\u0027 metrics to analyze proxy speed and performance.\n * Added a metric for open file descriptors (process_open_fds) to help prevent connection bottlenecks\n * Corrected the squid_client_http_requests_total metric to ensure accurate reporting\n\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Version update from 1.0.8 to 1.0.10:\n\n * Updated github.com/prometheus/client_golang to 1.21.1\n * Updated github.com/prometheus/common to 0.63.0\n * Updated github.com/prometheus/exporter-toolkit to 0.14.0\n * Fixed signal handler logging\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)\n * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)\n * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)\n * CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):\n\n * Modernized Interface: Introduced a brand-new UI\n * Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support\n for more secure, native cloudauthentication.\n * Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental\n to a stable feature.\n * Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending\n data to external systems.\n * Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping\n operations\n * Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier\n to troubleshoot why targets aren\u0027t reporting correctly.\n * Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were\n accidentally being scraped multiple times\n\ngrafana:\n\n- Security issues fixed:\n\n * CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136)\n * CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337)\n * CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349)\n * CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n * CVE-2025-3415: Fixedexposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)\n\n- Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes:\n \n * Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and\n removed blurred backgrounds from UI overlays to speed up the interface\n * One-Click Actions: Visualizations now support faster navigation via one-click links and actions\n * Alerting History: Added version history for alert rules, allowing you to track changes over time\n * Service Accounts: Automated the migration of old API keys to more secure Service Accounts upon startup\n * Cron Support: Annotations now support Cron syntax for more flexible scheduling\n * Identity and Auth: Hardened the Avatar feature (now requires sign-in) and fixed several login redirection issues\n when Grafana is hosted on a subpath\n * Data Source Support: Added support for Cloud Partner Prometheus data sources and improved Azure legend formatting\n * Alerting Limits: Added size limits for expanded notification templates to prevent system strain\n * RBAC: Integrated Role-Based Access Control (RBAC) into the Alertmanager via the reqAction field\n * Data Consistency: Fixed several issues with Graphite and InfluxDB regarding how variables are handled in repeated\n rows or nested queries\n * Dashboard Reliability: Resolved bugs involving row repeats and \u0027self-referencing\u0027 data links\n * Alerting Fixes: Patched a critical \u0027panic\u0027 (crash) caused by a race condition in alert rules and fixed issues where\n contact points weren\u0027t working correctly\n * URL Handling: Fixed a bug where \u0027true\u0027 values in URL parameters weren\u0027t being read correctly\n\nprometheus-blackbox_exporter:\n\n- Non-customer-facing optimization and update\n\nspacecmd:\n\n- Version update to 5.0.15:\n\n * Fixed typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to integer values (bsc#1251995)\n * Fixed spacecmd binary file upload (bsc#1253659)\n\nuyuni-tools:\n\n- Version update to 0.1.38:\n\n * Fixed cobbler configuration when migrating to standalone files (bsc#1256803)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Ignore supportconfig errors (bsc#1255781)\n * Bumped the default image tag to 5.0.7\n * Removed cgroup mount for podman containers (bsc#1253347)\n * Registry flag can be a string (bsc#1254589)\n * Use static supportconfig name to avoid dynamic search (bsc#1257941)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1013,SUSE-SLE-Manager-Tools-15-2026-1013,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1013,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1013,openSUSE-SLE-15.6-2026-1013",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1013-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1013-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261013-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1013-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024917.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253004",
"url": "https://bugzilla.suse.com/1253004"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1254589",
"url": "https://bugzilla.suse.com/1254589"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE Bug 1256803",
"url": "https://bugzilla.suse.com/1256803"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE Bug 1257337",
"url": "https://bugzilla.suse.com/1257337"
},
{
"category": "self",
"summary": "SUSE Bug 1257349",
"url": "https://bugzilla.suse.com/1257349"
},
{
"category": "self",
"summary": "SUSE Bug 1257442",
"url": "https://bugzilla.suse.com/1257442"
},
{
"category": "self",
"summary": "SUSE Bug 1257841",
"url": "https://bugzilla.suse.com/1257841"
},
{
"category": "self",
"summary": "SUSE Bug 1257897",
"url": "https://bugzilla.suse.com/1257897"
},
{
"category": "self",
"summary": "SUSE Bug 1257941",
"url": "https://bugzilla.suse.com/1257941"
},
{
"category": "self",
"summary": "SUSE Bug 1258136",
"url": "https://bugzilla.suse.com/1258136"
},
{
"category": "self",
"summary": "SUSE Bug 1258893",
"url": "https://bugzilla.suse.com/1258893"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1615 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21721 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21722 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25547 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27606 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27606/"
}
],
"title": "Security update 5.0.7 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-03-25T10:11:52Z",
"generator": {
"date": "2026-03-25T10:11:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1013-1",
"initial_release_date": "2026-03-25T10:11:52Z",
"revision_history": [
{
"date": "2026-03-25T10:11:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.aarch64",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.aarch64",
"product_id": "grafana-11.6.11-150000.1.90.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"product_id": "mgrctl-0.1.38-150000.1.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.i586",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.i586",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.i586",
"product_id": "mgrctl-0.1.38-150000.1.30.1.i586"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"product": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"product_id": "dracut-saltboot-1.1.0-150000.1.65.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-lang-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.15-150000.3.142.1.noarch",
"product": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch",
"product_id": "spacecmd-5.0.15-150000.3.142.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.ppc64le",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.ppc64le",
"product_id": "grafana-11.6.11-150000.1.90.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"product_id": "mgrctl-0.1.38-150000.1.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.s390x",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.s390x",
"product_id": "grafana-11.6.11-150000.1.90.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.s390x",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x",
"product_id": "mgrctl-0.1.38-150000.1.30.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.x86_64",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.x86_64",
"product_id": "grafana-11.6.11-150000.1.90.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"product_id": "mgrctl-0.1.38-150000.1.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch"
},
"product_reference": "spacecmd-5.0.15-150000.3.142.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
},
"product_reference": "spacecmd-5.0.15-150000.3.142.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-61140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61140"
}
],
"notes": [
{
"category": "general",
"text": "The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61140",
"url": "https://www.suse.com/security/cve/CVE-2025-61140"
},
{
"category": "external",
"summary": "SUSE Bug 1257442 for CVE-2025-61140",
"url": "https://bugzilla.suse.com/1257442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-61140"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
},
{
"cve": "CVE-2026-1615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1615"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environments or Cross-site Scripting (XSS) in browser contexts. This affects all methods that evaluate JSON Paths against objects, including .query, .nodes, .paths, .value, .parent, and .apply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1615",
"url": "https://www.suse.com/security/cve/CVE-2026-1615"
},
{
"category": "external",
"summary": "SUSE Bug 1257897 for CVE-2026-1615",
"url": "https://bugzilla.suse.com/1257897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "critical"
}
],
"title": "CVE-2026-1615"
},
{
"cve": "CVE-2026-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21720"
}
],
"notes": [
{
"category": "general",
"text": "Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21720",
"url": "https://www.suse.com/security/cve/CVE-2026-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1257349 for CVE-2026-21720",
"url": "https://bugzilla.suse.com/1257349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-21720"
},
{
"cve": "CVE-2026-21721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21721"
}
],
"notes": [
{
"category": "general",
"text": "The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization-internal privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21721",
"url": "https://www.suse.com/security/cve/CVE-2026-21721"
},
{
"category": "external",
"summary": "SUSE Bug 1257337 for CVE-2026-21721",
"url": "https://bugzilla.suse.com/1257337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-21721"
},
{
"cve": "CVE-2026-21722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21722"
}
],
"notes": [
{
"category": "general",
"text": "Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange.\n\nThis did not leak any annotations that would not otherwise be visible on the public dashboard.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21722",
"url": "https://www.suse.com/security/cve/CVE-2026-21722"
},
{
"category": "external",
"summary": "SUSE Bug 1258136 for CVE-2026-21722",
"url": "https://bugzilla.suse.com/1258136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-21722"
},
{
"cve": "CVE-2026-25547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25547"
}
],
"notes": [
{
"category": "general",
"text": "@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process. This issue has been patched in version 5.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25547",
"url": "https://www.suse.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "SUSE Bug 1257834 for CVE-2026-25547",
"url": "https://bugzilla.suse.com/1257834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-25547"
},
{
"cve": "CVE-2026-27606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27606"
}
],
"notes": [
{
"category": "general",
"text": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27606",
"url": "https://www.suse.com/security/cve/CVE-2026-27606"
},
{
"category": "external",
"summary": "SUSE Bug 1258846 for CVE-2026-27606",
"url": "https://bugzilla.suse.com/1258846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-27606"
}
]
}
SUSE-SU-2026:0630-1
Vulnerability from csaf_suse - Published: 2026-02-25 09:46 - Updated: 2026-02-25 09:46Summary
Security update 5.1.2 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.2 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
dracut-saltboot:
- Update to version 1.1.0
* Retry DHCP requests up to 3 times (bsc#1253004)
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization around source building
golang-github-boynux-squid_exporter:
- Update to version 1.13.0 (jsc#PED-14971)
- Add support for squid-internal-mgr path for metrics.
- Update to version 1.12.0
- Add TLS and basic authentication support for the web interface.
- Update to version 1.11.0
- Allow adding custom labels to all metrics.
- Update to version 1.10.0
- Add ability to configure the exporter using environment variables.
- Add support for Squid 6
- Add `squid_up` metric
- Add `squid_scrape_duration_seconds` metric
- Add `squid_scrape_error` metric
- Update to version 1.9.0
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.
- Update to version 1.8.0
- Add various service time metrics to provide more detailed performance data.
- Update to version 1.7.0
- Add support for basic authentication against the Squid proxy.
- Fix `squid_client_http_requests_total` metric
- Upstream changes for v1.9.0:
- Use `CAP_DAC_READ_SEARCH` capability to allow
reading process information without running as root.
- Upstream changes for v1.8.0:
- Add various service time metrics to provide more detailed
performance data.
- Upstream changes for v1.7.0:
Squid proxy.Update to version 1.10.0
- Add ability to configure the exporter using environment
variables.
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process
information without running as root.
- Add various service time metrics to provide more detailed
performance data.
- Add support for basic authentication against the Squid proxy.
- Use current distro go default version. Use auto-versioning
on SUSE as well.
golang-github-lusitaniae-apache_exporter:
- Build without apparmor for openSUSE Leap 16, SLES 16 or newer
- Require Go 1.23 for building
- Update to version 1.0.10
* Update github.com/prometheus/client_golang to 1.21.1
* Update github.com/prometheus/common to 0.63.0
* Update github.com/prometheus/exporter-toolkit to 0.14.0
- Update to version 1.0.9
* Update github.com/prometheus/client_golang to 1.20.4
* Update github.com/prometheus/common to 0.59.1
* Update github.com/prometheus/exporter-toolkit to 0.13.0
* Migrate logging to log/slog
* Fix signal handler logging
golang-github-prometheus-alertmanager:
- Non-customer-facing optimization around source building
golang-github-prometheus-node_exporter:
- Non-customer-facing optimization around source building
golang-github-prometheus-prometheus:
- CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Update to 3.5.0 (jsc#PED-13824):
This is a Long-Term Support (LTS) release.
* [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.
- Update to 3.4.0:
* [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional feature.
* [FEATURE] UI: Show detailed relabeling steps for each discovered target.
* [ENHANCEMENT] Alerting: Add 'unknown' state for alerting rules that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
'created timestamp' (CT) is now called 'start timestamp' (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
This release includes new features such as a brand new UI and
UTF-8 support enabled by default.
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
This release brings a release candidate of a major new version of
Remote Write: 2.0.
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0.
* [CHANGE] API: Split warnings from info annotations in API response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
grafana:
- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)
mgr-push:
- Version 5.1.5-0
* Non-customer-facing optimization and update
prometheus-blackbox_exporter:
* Non-customer-facing optimization and update
rhnlib:
- Version 5.1.4-0
* Non-customer-facing optimization and update
spacecmd:
- Version 5.1.12-0
* Fix spacecmd binary file upload (bsc#1253659)
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix methods in api namespace in spacecmd (bsc#1249532)
* Make caching code Py 2.7 compatible
* Use JSON instead of pickle for spacecmd cache (bsc#1227579)
* Python 2.7 cannot re-raise exceptions
spacewalk-client-tools:
- Version 5.1.8-0
* Non-customer-facing optimization and update
supportutils-plugin-susemanager-client:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-common-libs:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-tools:
- Version 5.1.24-0
* Actually use the --dbupgrade-tag parameter when computing the
image URL (bsc#1249400)
* Handle CA files with symlinks during migration (bsc#1251044)
* Adjust traefik exposed configuration for chart v27+ (bsc#1247721)
* Fix systemd object initialization in server rename. (bsc#1250981)
* Add SSL secrets to the db setup container during migration. (bsc#1250976)
* Fix images handling in mgrpxy support ptf (bsc#1250940)
* Fix helm upgrade parameters (bsc#1253966)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Move the SSL checks at the beginning of the migration
* Remove cgroup mount for podman containers (bsc#1253347)
* Convert the traefik install time to local time (bsc#1251138)
* During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)
* Read env var from http conf file (bsc#1253282)
* Add --registry-host, --registry-user and --registry-password
to pull images from an authenticate registry
* Deprecate --registry
* Unify backup create and restore dryrun option case
* Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)
* Always start database container even if enabled
* Remove extra ipv6 mapping and nftables workaround (bsc#1248848)
* Remove old PostgreSQL exporter environment file before migration
* Support config command parse correctly supportconfig output (bsc#1255781)
Patchnames: SUSE-2026-630,SUSE-MultiLinuxManagerTools-SLE-15-2026-630,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-630
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndracut-saltboot:\n\n- Update to version 1.1.0\n * Retry DHCP requests up to 3 times (bsc#1253004) \n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-boynux-squid_exporter:\n\n- Update to version 1.13.0 (jsc#PED-14971)\n - Add support for squid-internal-mgr path for metrics.\n- Update to version 1.12.0\n - Add TLS and basic authentication support for the web interface.\n- Update to version 1.11.0\n - Allow adding custom labels to all metrics.\n- Update to version 1.10.0\n - Add ability to configure the exporter using environment variables.\n - Add support for Squid 6\n - Add `squid_up` metric\n - Add `squid_scrape_duration_seconds` metric\n - Add `squid_scrape_error` metric\n- Update to version 1.9.0\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.\n- Update to version 1.8.0\n - Add various service time metrics to provide more detailed performance data.\n- Update to version 1.7.0\n - Add support for basic authentication against the Squid proxy.\n - Fix `squid_client_http_requests_total` metric\n- Upstream changes for v1.9.0:\n - Use `CAP_DAC_READ_SEARCH` capability to allow\n reading process information without running as root.\n- Upstream changes for v1.8.0:\n - Add various service time metrics to provide more detailed\n performance data.\n- Upstream changes for v1.7.0:\n Squid proxy.Update to version 1.10.0\n - Add ability to configure the exporter using environment\n variables.\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process\n information without running as root.\n - Add various service time metrics to provide more detailed\n performance data.\n - Add support for basic authentication against the Squid proxy.\n- Use current distro go default version. Use auto-versioning\n on SUSE as well.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Build without apparmor for openSUSE Leap 16, SLES 16 or newer\n- Require Go 1.23 for building\n- Update to version 1.0.10\n * Update github.com/prometheus/client_golang to 1.21.1\n * Update github.com/prometheus/common to 0.63.0\n * Update github.com/prometheus/exporter-toolkit to 0.14.0\n- Update to version 1.0.9\n * Update github.com/prometheus/client_golang to 1.20.4\n * Update github.com/prometheus/common to 0.59.1\n * Update github.com/prometheus/exporter-toolkit to 0.13.0\n * Migrate logging to log/slog\n * Fix signal handler logging\n\ngolang-github-prometheus-alertmanager:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-prometheus-node_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-prometheus-prometheus:\n\n- CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n- Update to 3.5.0 (jsc#PED-13824):\n This is a Long-Term Support (LTS) release.\n * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.\n- Update to 3.4.0:\n * [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional feature.\n * [FEATURE] UI: Show detailed relabeling steps for each discovered target.\n * [ENHANCEMENT] Alerting: Add \u0027unknown\u0027 state for alerting rules that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.\n- Update to 3.3.0:\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.\n- Update to 3.2.0:\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n- Update to 3.1.0:\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \u0027created timestamp\u0027 (CT) is now called \u0027start timestamp\u0027 (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n- Update to 3.0.1:\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n- Update to 3.0.0:\n This release includes new features such as a brand new UI and\n UTF-8 support enabled by default.\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n- Update to 2.55.0:\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n- Update to 2.54.0:\n This release brings a release candidate of a major new version of\n Remote Write: 2.0.\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0.\n * [CHANGE] API: Split warnings from info annotations in API response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n\ngrafana:\n\n- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n\nmgr-push:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nprometheus-blackbox_exporter:\n\n* Non-customer-facing optimization and update\n\nrhnlib:\n\n- Version 5.1.4-0\n * Non-customer-facing optimization and update\n\nspacecmd:\n\n- Version 5.1.12-0\n * Fix spacecmd binary file upload (bsc#1253659)\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix methods in api namespace in spacecmd (bsc#1249532)\n * Make caching code Py 2.7 compatible\n * Use JSON instead of pickle for spacecmd cache (bsc#1227579)\n * Python 2.7 cannot re-raise exceptions\n\nspacewalk-client-tools:\n\n- Version 5.1.8-0\n * Non-customer-facing optimization and update\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-common-libs:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-tools:\n\n- Version 5.1.24-0\n * Actually use the --dbupgrade-tag parameter when computing the\n image URL (bsc#1249400)\n * Handle CA files with symlinks during migration (bsc#1251044)\n * Adjust traefik exposed configuration for chart v27+ (bsc#1247721)\n * Fix systemd object initialization in server rename. (bsc#1250981)\n * Add SSL secrets to the db setup container during migration. (bsc#1250976)\n * Fix images handling in mgrpxy support ptf (bsc#1250940)\n * Fix helm upgrade parameters (bsc#1253966)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Move the SSL checks at the beginning of the migration\n * Remove cgroup mount for podman containers (bsc#1253347)\n * Convert the traefik install time to local time (bsc#1251138)\n * During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)\n * Read env var from http conf file (bsc#1253282)\n * Add --registry-host, --registry-user and --registry-password\n to pull images from an authenticate registry\n * Deprecate --registry\n * Unify backup create and restore dryrun option case\n * Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)\n * Always start database container even if enabled\n * Remove extra ipv6 mapping and nftables workaround (bsc#1248848)\n * Remove old PostgreSQL exporter environment file before migration\n * Support config command parse correctly supportconfig output (bsc#1255781)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-630,SUSE-MultiLinuxManagerTools-SLE-15-2026-630,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-630",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0630-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0630-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260630-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0630-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024390.html"
},
{
"category": "self",
"summary": "SUSE Bug 1227579",
"url": "https://bugzilla.suse.com/1227579"
},
{
"category": "self",
"summary": "SUSE Bug 1247644",
"url": "https://bugzilla.suse.com/1247644"
},
{
"category": "self",
"summary": "SUSE Bug 1247721",
"url": "https://bugzilla.suse.com/1247721"
},
{
"category": "self",
"summary": "SUSE Bug 1248848",
"url": "https://bugzilla.suse.com/1248848"
},
{
"category": "self",
"summary": "SUSE Bug 1249400",
"url": "https://bugzilla.suse.com/1249400"
},
{
"category": "self",
"summary": "SUSE Bug 1249532",
"url": "https://bugzilla.suse.com/1249532"
},
{
"category": "self",
"summary": "SUSE Bug 1250940",
"url": "https://bugzilla.suse.com/1250940"
},
{
"category": "self",
"summary": "SUSE Bug 1250976",
"url": "https://bugzilla.suse.com/1250976"
},
{
"category": "self",
"summary": "SUSE Bug 1250981",
"url": "https://bugzilla.suse.com/1250981"
},
{
"category": "self",
"summary": "SUSE Bug 1251044",
"url": "https://bugzilla.suse.com/1251044"
},
{
"category": "self",
"summary": "SUSE Bug 1251138",
"url": "https://bugzilla.suse.com/1251138"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253004",
"url": "https://bugzilla.suse.com/1253004"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253282",
"url": "https://bugzilla.suse.com/1253282"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1253966",
"url": "https://bugzilla.suse.com/1253966"
},
{
"category": "self",
"summary": "SUSE Bug 1254478",
"url": "https://bugzilla.suse.com/1254478"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
}
],
"title": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-02-25T09:46:12Z",
"generator": {
"date": "2026-02-25T09:46:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0630-1",
"initial_release_date": "2026-02-25T09:46:12Z",
"revision_history": [
{
"date": "2026-02-25T09:46:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.aarch64",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.aarch64",
"product_id": "grafana-11.5.10-150002.4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"product_id": "mgrctl-5.1.24-150002.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"product": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"product_id": "dracut-saltboot-1.1.0-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-push-5.1.5-150002.3.6.2.noarch",
"product": {
"name": "mgr-push-5.1.5-150002.3.6.2.noarch",
"product_id": "mgr-push-5.1.5-150002.3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-lang-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"product": {
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"product_id": "python3-mgr-push-5.1.5-150002.3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"product": {
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"product_id": "python3-rhnlib-5.1.4-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product": {
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product_id": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.12-150002.3.6.1.noarch",
"product": {
"name": "spacecmd-5.1.12-150002.3.6.1.noarch",
"product_id": "spacecmd-5.1.12-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product_id": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.ppc64le",
"product_id": "grafana-11.5.10-150002.4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"product_id": "mgrctl-5.1.24-150002.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.s390x",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.s390x",
"product_id": "grafana-11.5.10-150002.4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.s390x",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x",
"product_id": "mgrctl-5.1.24-150002.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.x86_64",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.x86_64",
"product_id": "grafana-11.5.10-150002.4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"product_id": "mgrctl-5.1.24-150002.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15"
}
},
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.5-150002.3.6.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch"
},
"product_reference": "mgr-push-5.1.5-150002.3.6.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch"
},
"product_reference": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch"
},
"product_reference": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
},
"product_reference": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.12-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch"
},
"product_reference": "spacecmd-5.1.12-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:46:12Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:46:12Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
}
]
}
RHSA-2026:3712
Vulnerability from csaf_redhat - Published: 2026-03-04 07:12 - Updated: 2026-04-14 09:16Summary
Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4
Severity
Important
Notes
Topic: The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator..
For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).
Details: The 1.15.4 release of Red Hat OpenShift Pipelines Operator.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service.
5.9 (Medium)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
The issue can be mitigated by reducing the maximum allowed length of the request headers using the --max-http-header-size=size or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. The issue can be mitigated also by seting server.maxHeadersCount to 0.
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.
8.1 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.
8.1 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.
7.5 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.
7.7 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
8.2 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
7.5 (High)
Vendor Fix
Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.
https://access.redhat.com/errata/RHSA-2026:3712
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator..\nFor more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.15.4 release of Red Hat OpenShift Pipelines Operator.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3712",
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-37890",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6545",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6547",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3712.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4",
"tracking": {
"current_release_date": "2026-04-14T09:16:55+00:00",
"generator": {
"date": "2026-04-14T09:16:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:3712",
"initial_release_date": "2026-03-04T07:12:04+00:00",
"revision_history": [
{
"date": "2026-03-04T07:12:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-04T09:09:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T09:16:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Pipelines 1.15",
"product": {
"name": "Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ab7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Ad2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3Ac7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Abba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Adbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Acf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3Ad356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3A9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Aca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Ad4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3Abc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Aa0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3A494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Aab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Aa77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Afbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Afdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Ab767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Aeae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ad52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Af2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3Ad71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Ac8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3A0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3Aac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Aabca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Aea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3Ab33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Af532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Adfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Afed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Afbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Acea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Ae6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-37890",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the \u0027server.maxHeadersCount\u0027 threshold could be used to crash a ws server, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ws: denial of service when handling a request with many HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "RHBZ#2292777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q"
}
],
"release_date": "2024-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "The issue can be mitigated by reducing the maximum allowed length of the request headers using the --max-http-header-size=size or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. The issue can be mitigated also by seting server.maxHeadersCount to 0.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ws: denial of service when handling a request with many HTTP headers"
},
{
"cve": "CVE-2025-6545",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T19:00:51.575615+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374370"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns predictable key material",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated important because it causes the pbkdf2 module to quietly return weak or zero-filled keys when certain algorithm names are used incorrectly in browsers or bundled code, this causes the function to silently return a predictable value (such as a zero-filled buffer or uninitialized memory) instead of a securely derived key, completely undermining the confidentiality and integrity of any cryptographic operation where attackers could guess or reuse these keys to access or change protected data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "RHBZ#2374370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078",
"url": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6"
}
],
"release_date": "2025-06-23T18:41:18.771000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns predictable key material"
},
{
"cve": "CVE-2025-6547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T20:01:13.559691+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns static keys",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because a logic flaw was found in the npm pbkdf2 library where the vulnerability, located in the toBuffer method, causes password and salt inputs provided as Uint8Array objects to be silently ignored. This results in the function returning a static, predictable key derived from empty inputs, completely undermining the security guarantees of any feature that relies on the generated key, this allows an attacker to forge signatures, leading to a complete compromise of the application\u0027s data confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "RHBZ#2374378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59"
}
],
"release_date": "2025-06-23T19:00:45.472000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns static keys"
},
{
"cve": "CVE-2025-9287",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T22:00:53.821394+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389932"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cipher-base: Cipher-base hash manipulation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "RHBZ#2389932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/pull/23",
"url": "https://github.com/browserify/cipher-base/pull/23"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
"url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
}
],
"release_date": "2025-08-20T21:43:56.548000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cipher-base: Cipher-base hash manipulation"
},
{
"cve": "CVE-2025-9288",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T23:00:56.263191+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389980"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "RHBZ#2389980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/pull/78",
"url": "https://github.com/browserify/sha.js/pull/78"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
"url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
}
],
"release_date": "2025-08-20T21:59:44.728000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
}
]
}
RHSA-2026:4215
Vulnerability from csaf_redhat - Published: 2026-03-10 15:34 - Updated: 2026-04-14 09:46Summary
Red Hat Security Advisory: Red Hat Quay 3.14.6
Severity
Important
Notes
Topic: Red Hat Quay 3.14.6 is now available with bug fixes.
Details: Quay 3.14.6
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Azure Storage Library Information Disclosure Vulnerability
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in pyjwt. The library uses weak encryption, allowing an attacker to potentially decrypt sensitive data. A network-based attacker can exploit this vulnerability without authentication, possibly resulting in a denial of service or data exposure. This weakness stems from the use of inadequate cryptographic algorithms.
0.0 (None)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A denial of service flaw has been discovered in the Axios npm package. When Axios runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested responseType: 'stream'.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed‑language fleets, this enables split‑brain verification and can lead to policy bypass, replay, or privilege escalation.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
A denial of service flaw has been discovered in the python Authlib package. Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11458
https://access.redhat.com/errata/RHSA-2026:4215
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.14.6 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.14.6",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4215",
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47273",
"url": "https://access.redhat.com/security/cve/CVE-2025-47273"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-30187",
"url": "https://access.redhat.com/security/cve/CVE-2022-30187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-47081",
"url": "https://access.redhat.com/security/cve/CVE-2024-47081"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-50181",
"url": "https://access.redhat.com/security/cve/CVE-2025-50181"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58754",
"url": "https://access.redhat.com/security/cve/CVE-2025-58754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45768",
"url": "https://access.redhat.com/security/cve/CVE-2025-45768"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4215.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.14.6",
"tracking": {
"current_release_date": "2026-04-14T09:46:41+00:00",
"generator": {
"date": "2026-04-14T09:46:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:4215",
"initial_release_date": "2026-03-10T15:34:38+00:00",
"revision_history": [
{
"date": "2026-03-10T15:34:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-10T15:34:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T09:46:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.14",
"product": {
"name": "Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Aa7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097298"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ac4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097803"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097302"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Afd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771008628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Aaea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771265622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Aa4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Aef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773101667"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097311"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097621"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097298"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097302"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771008628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771265622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097311"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097621"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097298"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aaa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097302"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771008628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771265622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Aaad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097311"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ae2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097621"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097298"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ac33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097302"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Abec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771008628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771265622"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097311"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773097621"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64 as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"relates_to_product_reference": "Red Hat Quay 3.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le as a component of Red Hat Quay 3.14",
"product_id": "Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30187",
"discovery_date": "2025-05-06T16:30:59.189000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"notes": [
{
"category": "description",
"text": "Azure Storage Library Information Disclosure Vulnerability",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "Red Hat Product Security has determined that this vulnerability does not affect any currently supported Red Hat product. This assessment may evolve based on further analysis and discovery. For more information about this vulnerability and the products it affects, please see the linked references.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30187"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Azure Storage: Azure Storage Library Information Disclosure Vulnerability"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-47081",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"discovery_date": "2025-06-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2371272"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "requests: Requests vulnerable to .netrc credentials leak via malicious URLs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47081"
},
{
"category": "external",
"summary": "RHBZ#2371272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2371272"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47081"
},
{
"category": "external",
"summary": "http://seclists.org/fulldisclosure/2025/Jun/2",
"url": "http://seclists.org/fulldisclosure/2025/Jun/2"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/06/03/11",
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/11"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/06/03/9",
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/9"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/06/04/1",
"url": "http://www.openwall.com/lists/oss-security/2025/06/04/1"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/06/04/6",
"url": "http://www.openwall.com/lists/oss-security/2025/06/04/6"
},
{
"category": "external",
"summary": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef",
"url": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"
},
{
"category": "external",
"summary": "https://github.com/psf/requests/pull/6965",
"url": "https://github.com/psf/requests/pull/6965"
},
{
"category": "external",
"summary": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7",
"url": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"
},
{
"category": "external",
"summary": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env",
"url": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"
},
{
"category": "external",
"summary": "https://seclists.org/fulldisclosure/2025/Jun/2",
"url": "https://seclists.org/fulldisclosure/2025/Jun/2"
}
],
"release_date": "2025-06-09T17:57:47.731000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "requests: Requests vulnerable to .netrc credentials leak via malicious URLs"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-45768",
"discovery_date": "2025-07-31T21:01:30.698283+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyjwt. The library uses weak encryption, allowing an attacker to potentially decrypt sensitive data. A network-based attacker can exploit this vulnerability without authentication, possibly resulting in a denial of service or data exposure. This weakness stems from the use of inadequate cryptographic algorithms.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been disputed by the PyJWT. The developers of PyJWT confirm that this issue is not a flaw in the library\u0027s function but rather a potential risk if an application developer chooses to use weak, short cryptographic keys.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
}
],
"release_date": "2025-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pyjwt: pyjwt Weak Encryption Vulnerability"
},
{
"cve": "CVE-2025-47273",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-05-17T16:00:41.145177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366982"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn\u0027t expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "setuptools: Path Traversal Vulnerability in setuptools PackageIndex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this vulnerability \"Moderate\" based on the impact of the damage caused by a successful exploitation and the pre-requisites.\n\n* Exploitation requires that the attacker have limited code execution access to a Python environment where they can trigger the vulnerable PackageIndex.download() function\u2014this might be via a script, plugin, or automated job. Full admin rights aren\u0027t needed but a user with no access at all will be unable to exploit this vulnerability.\n* The vulnerability impacts the integrity of the system within the same security boundary\u2014it does not enable access or compromise across trust boundaries (e.g., from one container to another or from user space to kernel).\n* Successful exploitation only allows the attacker to \"create\" new files. The vulnerability does not provide access to existing files and by an extension to any confidential information. \n* Arbitrary file writes can overwrite critical config files, executables, or scripts. This can lead to persistent code execution, system misconfiguration, or unauthorized behavior, especially in automated environments. While overwriting critical files could theoretically lead to service disruption, the vulnerability in isolation does not inherently cause denial of service. The exploit doesn\u0027t target availability directly, and in many cases, systems may continue running.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47273"
},
{
"category": "external",
"summary": "RHBZ#2366982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88",
"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b",
"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/issues/4946",
"url": "https://github.com/pypa/setuptools/issues/4946"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf",
"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf"
}
],
"release_date": "2025-05-17T15:46:11.399000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "setuptools: Path Traversal Vulnerability in setuptools PackageIndex"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-50181",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2025-06-19T02:00:42.866992+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373799"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in the urllib3 library where it could be tricked into disclosing the Proxy-Authorization header to a destination server when a CONNECT tunnel is used. An attacker can set up a malicious redirect to a crafted URL, which, when followed by the client application, will cause the Proxy-Authorization header to be sent to the attacker-controlled server. This leaks sensitive credentials for the proxy. The impact is primarily on confidentiality. While urllib3 is a ubiquitous component, the vulnerability requires a specific scenario where a user is connecting to a proxy that requires authentication and is redirected to a malicious endpoint. This lowers the exploitability compared to a direct, unauthenticated remote attack, thus, warranting a Moderate severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-50181"
},
{
"category": "external",
"summary": "RHBZ#2373799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373799"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-50181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50181"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857",
"url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"
}
],
"release_date": "2025-06-19T01:08:00.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-58754",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-12T02:00:53.897605+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394735"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the Axios npm package. When Axios runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response.\nThis path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested responseType: \u0027stream\u0027.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios DoS via lack of data size check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the application which bundles axios and not the host Red Hat system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58754"
},
{
"category": "external",
"summary": "RHBZ#2394735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58754",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58754"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593",
"url": "https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/7011",
"url": "https://github.com/axios/axios/pull/7011"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.12.0",
"url": "https://github.com/axios/axios/releases/tag/v1.12.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj",
"url": "https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj"
}
],
"release_date": "2025-09-12T01:16:40.513000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios DoS via lack of data size check"
},
{
"cve": "CVE-2025-59420",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-22T18:01:35.379361+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397460"
}
],
"notes": [
{
"category": "description",
"text": "Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib RFC violation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "RHBZ#2397460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
"url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
}
],
"release_date": "2025-09-22T17:28:53.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib RFC violation"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-61920",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-10T20:01:12.833962+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403179"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the python Authlib package. Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "RHBZ#2403179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
"url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
}
],
"release_date": "2025-10-10T19:25:07.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib Denial of Service"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T15:34:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11458",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4215"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:1ec5bd4c50f080096a3579e498ac9301acf3927834f7773996911db8e11d2279_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:698a1ae2e5e2669d5a328d99deb4b8c67f2d7dd03d878600ce13f8dfb154fcf6_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:a4037bacb4f26a947e511da97519fe318b986e31ef4689a2ec7499789096dc2b_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/clair-rhel8@sha256:aad14ca0de55666d13c1a12511cea2c071d0a1c7c5e1b9ed9d7c70d157225293_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c4133c994168c764a87f34a39a2fa66fa0c04c0c186781cf024e5e41f62280d0_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1ff62272e3139cfc7abf3511e706bcdffeabfbbcacfee18508bd629cea20fd78_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2f0c540c7269e27be3e0d4f988a4d19371a80b8b0684cff74d21851608636c88_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa1b44b1ee74a3ba6aa63eef2003077b1a9a5c067a6aa590eeb8fe30a93fe60b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:c33a90cf0b733a8fd0514f9c6cd53c22ff307c15b80c582736ab88ed26e967f7_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0a79d63a51f959c7704662cf7370da2bd76cc22dd13acefe6eebe6b38881f98a_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9e2fd6eb656ea932d83f001922aa46e7cef7796c404dbe7ab6393820149941a8_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bec2f493457c5fec6af7309d9cc09c4a04632b9050b03720861cb05ac77d1d10_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:fd57da947aee5538acc22c9bbc537eeed955334f7bcce8683fe6eb325847812f_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:00c8d4e64fd7246b51a23807d56421a63c5cb201565e50fcdd70623d208b4c80_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:47b66c0f25e0be3b5e533422d5591baadc5f7653ec4c97d8398d6cc3451f5ed9_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:78d3fada736cdb40efb692c6eede03c9a380e3d44e3b4ca338bf3676e1c1b745_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-builder-rhel8@sha256:aea11bfd317b3c0d414f7c1ca5c7768ebbe2bf984d48f2960ec309463c383ced_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:a7f0bcbf21692be996d8beba4228d51d047237a3dad43a5d61e1a379742b5101_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:14d025b088b84df61332fd60382161cccfae6fc7310cdd7fd0a96432a1dcbb0b_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:191c87e2d307ccc97699cf0ff4b7217ca6d4c6fd51b01e93abc423b7b3b688ba_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:19afededc1a3f54a6c3d85c4e0e35043e1b0d2074f0d983e3393c4694348ae58_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a15aecd0b757726ec8dd1fc2d8d0e611fba1b77ce7857604bfa56314bc5189a_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-bundle@sha256:ef354fd2be18bcce59d2880843ad295ac8610c1d2dd1565a941ab18e77eec27e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:420be03e698e066bbaa96c7334e1a6b14793836f437b53ee1d961414115622c4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:6e421e848fac1ffd749e1761acd51d41419d73a55e610170e3c6c53294ec061e_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:7d3344ce19373fdf5cc721f0abbb2c2ee87d079b96d0dd4c7350621cfa57a322_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-operator-rhel8@sha256:91844fb97cac49e78054bd9547222aadf1762f1c0fd05feb0b86f9d94787512b_ppc64le",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:05cc4b4410de27e32897492effb21362d8c1bc8cc56e9408fc9a19f9f3149899_arm64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:225e2bed98b80e753ba2eca6b121a7295b20633b25b8098b7dce66efc2bc1b70_amd64",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:51881be0039c3a7df9ad588060955dc3f0ea6eef28a35ebc4fe146e73316e2a4_s390x",
"Red Hat Quay 3.14:registry.redhat.io/quay/quay-rhel8@sha256:e2a2347a1ed65e94a13fd0330e7922339096d725733071a1f9eb4c413be5eb90_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:1517
Vulnerability from csaf_redhat - Published: 2026-01-28 22:40 - Updated: 2026-04-14 09:46Summary
Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
A path traversal vulnerability has been discovered in the jdPDF npm library. User control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js`.
8.6 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.
7.8 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.
A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.
8.0 (High)
Vendor Fix
If you are using an earlier version of RHACS, you are advised to
upgrade to the version of RHACS mentioned in the synopsis and release
notes in order to take advantage of the enhancements, bug fixes, and/or
security patches in the release.
https://access.redhat.com/errata/RHSA-2026:1517
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1517",
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68428",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1517.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update",
"tracking": {
"current_release_date": "2026-04-14T09:46:06+00:00",
"generator": {
"date": "2026-04-14T09:46:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:1517",
"initial_release_date": "2026-01-28T22:40:02+00:00",
"revision_history": [
{
"date": "2026-01-28T22:40:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-30T14:36:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T09:46:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Af23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ab22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aeb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aeaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Affc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Acfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Adb0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Afe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Adeea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Af96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Adcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Acc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
},
{
"cve": "CVE-2025-68428",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2026-01-05T22:01:15.703824+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427236"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability has been discovered in the jdPDF npm library. User control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "RHBZ#2427236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
}
],
"release_date": "2026-01-05T21:43:55.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:0414
Vulnerability from csaf_redhat - Published: 2026-01-08 22:34 - Updated: 2026-04-14 09:16Summary
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
Severity
Important
Notes
Topic: A Subscription Management tool for finding and reporting Red Hat product usage
Details: Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,
identifies, and reports environment data, or facts, such as the number of physical and virtual
systems on a network, their operating systems, and relevant configuration data stored within
them. Discovery also identifies and reports more detailed facts for some versions of key
Red Hat packages and products that it finds in the network.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Python/CPython that does not disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols(), which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information.
CWE-20 - Improper Input Validation
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.
4.7 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:
~~~
echo 0 > /proc/sys/fs/suid_dumpable
~~~
While this mitigates this vulnerability while it's not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.
A denial-of-service (DoS) vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.
4.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A vulnerability in Python’s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.
4.0 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A zip file handling flaw has been discovered in the python standard library `zipfile` module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations.
4.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
6.2 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the 'ulimit' shell built-in or the 'limits.conf' file.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ (‘-k’), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.
5.6 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.
A flaw was found in Django. The django.utils.archive.extract() function, used by startapp --templateand startproject --template, allowed partial directory-traversal via an archive with file paths sharing a common prefix with the target directory.
8.8 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code execution.
5.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
A flaw was found in OpenSSH where the SSH client accepted \0 (null) characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up.
5.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
A flaw was found in Django. This vulnerability allows a remote attacker to cause a potential denial-of-service (DoS) attack triggering Central Processing Unit (CPU) and memory exhaustion via specially crafted Extensible Markup Language (XML) input processed by the XML Deserializer.
7.5 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API.
7.1 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.
7.5 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.
A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.
7.1 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management.
7.1 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
The containers required to run Discovery can be installed through discovery-installer
RPM. See the official documentation for more details.
https://access.redhat.com/errata/RHSA-2026:0414
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A Subscription Management tool for finding and reporting Red Hat product usage",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,\nidentifies, and reports environment data, or facts, such as the number of physical and virtual\nsystems on a network, their operating systems, and relevant configuration data stored within\nthem. Discovery also identifies and reports more detailed facts for some versions of key\nRed Hat packages and products that it finds in the network.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0414",
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-5642",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4598",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59682",
"url": "https://access.redhat.com/security/cve/CVE-2025-59682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6075",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64460",
"url": "https://access.redhat.com/security/cve/CVE-2025-64460"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64720",
"url": "https://access.redhat.com/security/cve/CVE-2025-64720"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65018",
"url": "https://access.redhat.com/security/cve/CVE-2025-65018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66293",
"url": "https://access.redhat.com/security/cve/CVE-2025-66293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery",
"url": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0414.json"
}
],
"title": "Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage",
"tracking": {
"current_release_date": "2026-04-14T09:16:29+00:00",
"generator": {
"date": "2026-04-14T09:16:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:0414",
"initial_release_date": "2026-01-08T22:34:17+00:00",
"revision_history": [
{
"date": "2026-01-08T22:34:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-08T22:34:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T09:16:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Discovery 2",
"product": {
"name": "Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:discovery:2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Ad4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767888970"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767904573"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3A75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767888970"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767904573"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294682"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python/CPython that does not disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols(), which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with a Low severity due to NPN not being widely used and specifying an empty list is likely uncommon in practice. Typically, a protocol name would be configured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "RHBZ#2294682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-05-29T19:04:54.578000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369242"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was rated as having a severity of Moderate due to the complexity to exploit this flaw. The attacker needs to setup a way to win the race condition and have an unprivileged local account to successfully exploit this vulnerability.\n\nBy default Red Hat Enterprise Linux 8 doesn\u0027t allow systemd-coredump to create dumps of SUID programs as the /proc/sys/fs/suid_dumpable is set to 0, disabling by default this capability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "RHBZ#2369242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/29/3",
"url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
}
],
"release_date": "2025-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
},
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-6075",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-31T17:01:47.052517+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408891"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in Python\u2019s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Quadratic complexity in os.path.expandvars() with user-controlled template",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low rather than Moderate because it only causes a performance inefficiency without affecting code execution, data integrity, or confidentiality. The flaw lies in the algorithmic complexity of os.path.expandvars(), which can become quadratic when processing crafted input containing repetitive or nested environment variable references. Exploitation requires the attacker to control the input string passed to this function, which is uncommon in secure applications. Moreover, the impact is limited to increased CPU utilization and potential slowdown, not system compromise or data manipulation. Since the issue does not introduce memory corruption, privilege escalation, or information disclosure risks, its overall impact scope and exploitability are minimal, justifying a Low severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "RHBZ#2408891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/136065",
"url": "https://github.com/python/cpython/issues/136065"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"
}
],
"release_date": "2025-10-31T16:41:34.983000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Quadratic complexity in os.path.expandvars() with user-controlled template"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "A zip file handling flaw has been discovered in the python standard library `zipfile` module. The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the \u0027zipfile\u0027 module compared to other ZIP implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59682",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-30T13:18:31.746000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The django.utils.archive.extract() function, used by startapp --templateand startproject --template, allowed partial directory-traversal via an archive with file paths sharing a common prefix with the target directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "django: Potential partial directory-traversal via archive.extract()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59682"
},
{
"category": "external",
"summary": "RHBZ#2400450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59682"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59682",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59682"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "django: Potential partial directory-traversal via archive.extract()"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSH where control characters in usernames were not properly validated when sourced from untrusted inputs like the command line or configuration expansion. If a ProxyCommand is used, these control characters could modify command behavior, potentially leading to code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSH where the SSH client accepted \\0 (null) characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-64460",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-12-02T16:01:05.300335+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. This vulnerability allows a remote attacker to cause a potential denial-of-service (DoS) attack triggering Central Processing Unit (CPU) and memory exhaustion via specially crafted Extensible Markup Language (XML) input processed by the XML Deserializer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: Algorithmic complexity in XML Deserializer leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that process XML input using Django\u0027s XML Deserializer, including Red Hat Ansible Automation Platform, Red Hat OpenStack Platform, and OpenShift Service Mesh. A remote attacker can exploit this flaw by providing specially crafted XML, leading to a denial-of-service due to CPU and memory exhaustion.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64460"
},
{
"category": "external",
"summary": "RHBZ#2418366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/",
"url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/"
}
],
"release_date": "2025-12-02T15:15:34.451000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Django: Django: Algorithmic complexity in XML Deserializer leads to denial of service"
},
{
"cve": "CVE-2025-64720",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-25T00:00:54.081073+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416904"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha \u00d7 257 required by the simplified PNG API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64720"
},
{
"category": "external",
"summary": "RHBZ#2416904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643",
"url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/686",
"url": "https://github.com/pnggroup/libpng/issues/686"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/pull/751",
"url": "https://github.com/pnggroup/libpng/pull/751"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww"
}
],
"release_date": "2025-11-24T23:45:38.315000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG buffer overflow"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-11-17T18:01:28.077927+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "RHBZ#2415451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
"url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
"url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
}
],
"release_date": "2025-11-17T17:29:08.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
},
{
"cve": "CVE-2025-65018",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-25T00:01:05.570152+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416907"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG heap buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. A heap buffer overflow exists in the libpng library\u0027s png_image_finish_read function when processing specially crafted 16-bit interlaced PNG images with an 8-bit output format. Successful exploitation requires a user or an automated system to process a malicious PNG file, which could lead to application crashes or arbitrary code execution.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65018"
},
{
"category": "external",
"summary": "RHBZ#2416907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
"url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
"url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/755",
"url": "https://github.com/pnggroup/libpng/issues/755"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/pull/757",
"url": "https://github.com/pnggroup/libpng/pull/757"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
}
],
"release_date": "2025-11-24T23:50:18.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG heap buffer overflow"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66293",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-03T21:00:59.956903+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418711"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated this vulnerability as Important as it affects libpng, a widely used library for PNG image processing. The flaw is due to an out-of-bounds read in libpng\u2019s simplified API when handling specially crafted PNG images containing partial transparency and gamma correction data. Successful exploitation could result in information disclosure or cause application crashes in applications processing untrusted PNG content.\n\nFor `java-17-openjdk-headless` and `java-21-openjdk-headless`, while the affected code is present in the bundled sources, it is not exercised by these headless packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66293"
},
{
"category": "external",
"summary": "RHBZ#2418711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
"url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
"url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/764",
"url": "https://github.com/pnggroup/libpng/issues/764"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
}
],
"release_date": "2025-12-03T20:33:57.086000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
}
]
}
RHSA-2026:0518
Vulnerability from csaf_redhat - Published: 2026-01-13 16:03 - Updated: 2026-04-13 20:14Summary
Red Hat Security Advisory: Red Hat Quay 3.16.1
Severity
Important
Notes
Topic: Red Hat Quay 3.16.1 is now available with bug fixes.
Details: Quay 3.16.1
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:0518
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:0518
Workaround
To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:0518
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.16.1 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.16.1",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0518",
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0518.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.16.1",
"tracking": {
"current_release_date": "2026-04-13T20:14:08+00:00",
"generator": {
"date": "2026-04-13T20:14:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:0518",
"initial_release_date": "2026-01-13T16:03:52+00:00",
"revision_history": [
{
"date": "2026-01-13T16:03:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-13T16:04:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-13T20:14:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.16",
"product": {
"name": "Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3Ac1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Aa0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Ab89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3Ad209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ac7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3Aa1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ad723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ab291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3Aff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3Abf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ad9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ae8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970174"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Abe10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767980647"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3A0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
}
]
}
RHSA-2025:22941
Vulnerability from csaf_redhat - Published: 2025-12-09 15:24 - Updated: 2026-04-14 02:01Summary
Red Hat Security Advisory: Kiali 2.17.2 for Red Hat OpenShift Service Mesh 3.2
Severity
Important
Notes
Topic: Kiali 2.17.2 for Red Hat OpenShift Service Mesh 3.2
Details: Kiali 2.17.2, for Red Hat OpenShift Service Mesh 3.2, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
* kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
* kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
* kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat
https://access.redhat.com/errata/RHSA-2025:22941
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.
7.5 (High)
Vendor Fix
See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat
https://access.redhat.com/errata/RHSA-2025:22941
Workaround
To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat
https://access.redhat.com/errata/RHSA-2025:22941
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.17.2 for Red Hat OpenShift Service Mesh 3.2",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.17.2, for Red Hat OpenShift Service Mesh 3.2, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)\n\n* kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22941",
"url": "https://access.redhat.com/errata/RHSA-2025:22941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-64756",
"url": "https://access.redhat.com/security/cve/cve-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-66031",
"url": "https://access.redhat.com/security/cve/cve-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-12816",
"url": "https://access.redhat.com/security/cve/cve-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22941.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.17.2 for Red Hat OpenShift Service Mesh 3.2",
"tracking": {
"current_release_date": "2026-04-14T02:01:49+00:00",
"generator": {
"date": "2026-04-14T02:01:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2025:22941",
"initial_release_date": "2025-12-09T15:24:58+00:00",
"revision_history": [
{
"date": "2025-12-09T15:24:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-12T21:35:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T02:01:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.2",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764836459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-operator-bundle@sha256%3A35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764846196"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764756143"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764788140"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764836459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764756143"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764788140"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764836459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764756143"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764788140"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764836459"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764756143"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.17.2-1764788140"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T15:24:58+00:00",
"details": "See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-11-17T18:01:28.077927+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "RHBZ#2415451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
"url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
"url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
}
],
"release_date": "2025-11-17T17:29:08.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T15:24:58+00:00",
"details": "See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22941"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T15:24:58+00:00",
"details": "See Kiali 2.17.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:35096e1737e500ad148e9f5ca2a14554a5e1b4f3104782f00e8322352e365833_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:64308943c63d677df745451e7a9b9136e23b815c9d1950d6cf46b53859834655_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7d670f57a84d17b7be55c897a286654b44f75abeafd81669f89467320018b4ef_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8075a2d2d3d00efdce0280e00fa2724d339703a236ef7c74e546c4f0ce023d9b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:94c2091f1a4fad7ec534e36a2ae0f791e1519cc8f74b294c75fa70745503c619_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:2610bd2778ce5d510b897730832b5c50fa23cc795e2830359bf93d3bcbc1fbcf_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:682b27706746f68c4afd33a69b9a0c930bdcf87f34eaafe75d1c2f9fe9b49718_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9881a311d7f2b6e50f92bfc86716c4aecd215d2a85f54baaa8930904bf93d06e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:9cbb0a22e03aad2e8d773c5e919706a303e7b4cbdbfc5853d310afe2f0d73f3c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:04c798a54632613681f4ff9d07b88b79722dba1cdba1a6e8166ec94a252a81e6_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:078340c685503fbb211a66d8016d795a647881e735f5d9f9e89a39e64f21b5cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2de7e4731db7bb2181168aba0de859a06ab1ae13ff8c7b175cde337541925c5d_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7300cdba75b669bad1039d5b816e82b48cd3d7f5763b187e5a23538c6c98ff27_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
}
]
}
RHSA-2026:2900
Vulnerability from csaf_redhat - Published: 2026-02-18 08:39 - Updated: 2026-04-14 09:16Summary
Red Hat Security Advisory: Network Observability 1.11.0 for OpenShift
Severity
Important
Notes
Topic: Network Observability 1.11 for Red Hat OpenShift.
Details: Network flows collector and monitoring solution.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
The system administrator on the host can manually chmod the directories to not
have group or world accessible permissions:
```
chmod 700 /var/lib/containerd
chmod 700 /run/containerd/io.containerd.grpc.v1.cri
chmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim
```
An alternative mitigation would be to run containerd in rootless mode.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
8.2 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in containerd. This vulnerability allows a user to exhaust memory on the host due to goroutine leaks via a bug in the CRI (Container Runtime Interface) Attach implementation.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the system.
8.2 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink creation, enabling the attacker to create hardlinks to arbitrary files outside the intended extraction directory. This could lead to unauthorized information disclosure or further system compromise.
8.2 (High)
Vendor Fix
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2900
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.11 for Red Hat OpenShift.",
"title": "Topic"
},
{
"category": "general",
"text": "Network flows collector and monitoring solution.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2900",
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64329",
"url": "https://access.redhat.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-23745",
"url": "https://access.redhat.com/security/cve/CVE-2026-23745"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24842",
"url": "https://access.redhat.com/security/cve/CVE-2026-24842"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html",
"url": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2900.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.11.0 for OpenShift",
"tracking": {
"current_release_date": "2026-04-14T09:16:54+00:00",
"generator": {
"date": "2026-04-14T09:16:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:2900",
"initial_release_date": "2026-02-18T08:39:41+00:00",
"revision_history": [
{
"date": "2026-02-18T08:39:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-18T08:39:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T09:16:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Network Observability (NETOBSERV) 1.11.1",
"product": {
"name": "Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.11::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability (NETOBSERV)"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3Aa852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3Aa9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256%3A6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771231259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3Ac2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Ae72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3Acfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Af85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3Abb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 as a component of Network Observability (NETOBSERV) 1.11.1",
"product_id": "Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-64329",
"cwe": {
"id": "CWE-771",
"name": "Missing Reference to Active Allocated Resource"
},
"discovery_date": "2025-11-07T05:01:08.634160+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413299"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd. This vulnerability allows a user to exhaust memory on the host due to goroutine leaks via a bug in the CRI (Container Runtime Interface) Attach implementation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Memory exhaustion via CRI Attach implementation goroutine leaks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The highest threat of this vulnerability is to system availability. A flaw in containerd\u0027s CRI Attach implementation allows a user to exhaust memory on the host due to goroutine leaks, leading to a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "RHBZ#2413299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64329"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df",
"url": "https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2"
}
],
"release_date": "2025-11-07T04:15:09.381000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/containerd/containerd: containerd: Memory exhaustion via CRI Attach implementation goroutine leaks"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-23745",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-16T23:01:26.508727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the node-tar library. The flaw allows an attacker to perform arbitrary file overwrite and symlink poisoning by crafting malicious tar archives. This occurs due to insufficient path sanitization of hardlink and symbolic link entries, even when the default secure behavior (preservePaths is false) is enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23745"
},
{
"category": "external",
"summary": "RHBZ#2430538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e",
"url": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97"
}
],
"release_date": "2026-01-16T22:00:08.769000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24842",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-01-28T01:01:16.886629+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink creation, enabling the attacker to create hardlinks to arbitrary files outside the intended extraction directory. This could lead to unauthorized information disclosure or further system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT vulnerability in node-tar, a Node.js module for handling TAR archives. The flaw allows an attacker to bypass path traversal protections by crafting a malicious TAR archive. This could lead to the creation of hardlinks to arbitrary files outside the intended extraction directory, potentially resulting in unauthorized information disclosure or further system compromise in affected Red Hat products utilizing node-tar for archive processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24842"
},
{
"category": "external",
"summary": "RHBZ#2433645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46",
"url": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v"
}
],
"release_date": "2026-01-28T00:20:13.261000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.1:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check"
}
]
}
RHSA-2026:2106
Vulnerability from csaf_redhat - Published: 2026-02-05 13:38 - Updated: 2026-04-14 07:57Summary
Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.25.2 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sensitive data.
8.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
This vulnerability in fontTools varLib allows a crafted .designspace file to trigger arbitrary file writes and XML-based content injection during variable-font generation. Because filenames are not sanitized, an attacker can use path traversal to overwrite files anywhere on the filesystem, and malicious payloads embedded in XML labelname elements can be injected directly into the generated output. When these overwritten files reside in executable or web-served locations, this can enable local remote-code execution or corruption of application or configuration files. The issue affects the varLib CLI and any code that invokes fontTools.varLib.main().
6.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
To mitigate this issue, avoid processing untrusted .designspace files with the fontTools varLib script or any application that invokes fontTools.varLib.main(). Restrict the execution environment of processes handling .designspace files to minimize potential impact from arbitrary file writes. If the fonttools package is not required, consider removing it.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
8.3 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A denial of service flaw has been discovered in the Tornado networking library. In Tornado, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using string concatenation when the same header name is repeated, causing a Denial of Service (DoS). Due to Python string immutability, each concatenation copies the entire string, resulting in O(n²) time complexity.
5.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The _parseparam function in httputil.py is used to parse specific HTTP header values, such as those in multipart/form-data and repeatedly calls string.count() within a nested loop while processing quoted semicolons. If an attacker sends a request with a large number of maliciously crafted parameters in a Content-Disposition header, the server's CPU usage increases quadratically (O(n²)) during parsing. Due to Tornado's single event loop architecture, a single malicious request can cause the entire server to become unresponsive for an extended period.
5.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.
A flaw was found in KEDA, a Kubernetes-based Event Driven Autoscaling component. This arbitrary file read vulnerability allows an attacker with permissions to create or modify a TriggerAuthentication resource to read any file from the node's filesystem where the KEDA pod resides. This is due to insufficient path validation when handling Service Account Tokens during HashiCorp Vault authentication. Successful exploitation can lead to the exfiltration of sensitive system information, such as secrets or configuration files.
7.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.25.2 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2106",
"url": "https://access.redhat.com/errata/RHSA-2026:2106"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12805",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66034",
"url": "https://access.redhat.com/security/cve/CVE-2025-66034"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-67725",
"url": "https://access.redhat.com/security/cve/CVE-2025-67725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-67726",
"url": "https://access.redhat.com/security/cve/CVE-2025-67726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68476",
"url": "https://access.redhat.com/security/cve/CVE-2025-68476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2106.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-04-14T07:57:59+00:00",
"generator": {
"date": "2026-04-14T07:57:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:2106",
"initial_release_date": "2026-02-05T13:38:32+00:00",
"revision_history": [
{
"date": "2026-02-05T13:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-05T13:38:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-14T07:57:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.25",
"product": {
"name": "Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.25::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-nlp-rhel9@sha256%3A11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-tgis-serving-rhel9@sha256%3A81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053804"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223637"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3A873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3Aaf3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3Abf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3Aa990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Ad88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3Afb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3Adeb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Aa1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-core-rhel9@sha256%3A4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770237759"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3Afa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-inference-scheduler-rhel9@sha256%3Ab491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-routing-sidecar-rhel9@sha256%3Ad60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053694"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3Ab9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3Abf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3A20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Aed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3A47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211368"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3Aeadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3Abc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3Af2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3A4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3A6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053928"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3Ad87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product_id": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-openvino-model-server-rhel9@sha256%3Afbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054044"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770268016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Ac16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3Ad17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3Ac35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256%3A0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053703"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256%3Aa202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053831"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256%3Ae18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053721"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256%3A6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053740"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256%3A3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053864"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3Afb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-cuda121-torch24-py311-rhel9@sha256%3A3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053627"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-cuda124-torch25-py311-rhel9@sha256%3A67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053626"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-rocm62-torch24-py311-rhel9@sha256%3A2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053822"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-rocm62-torch25-py311-rhel9@sha256%3A96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053784"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3A9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3Aa5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cuda-rhel9@sha256%3A1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770059269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-gaudi-rhel9@sha256%3Aa2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-rocm-rhel9@sha256%3A7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053785"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3A2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3Accb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256%3A47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256%3A158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053728"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256%3Afbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053730"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256%3Afec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053829"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256%3Ab19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053864"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256%3Abcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053748"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256%3A85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3Ab14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-nlp-rhel9@sha256%3A70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-tgis-serving-rhel9@sha256%3A4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053804"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223637"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3Ac8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3A14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Aa8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3A50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Acd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-core-rhel9@sha256%3Aef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770237759"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3Ac0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-inference-scheduler-rhel9@sha256%3Ab6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-routing-sidecar-rhel9@sha256%3A9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053694"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3Abe7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3A67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3Ac3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Af3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3Aab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3A45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211368"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3Af632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3Ad4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3Ad4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3Aa977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3Ac05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3Aef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3Ad0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053928"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3Aab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Ae6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3A00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256%3Afa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053740"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3A7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3Ac0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cuda-rhel9@sha256%3A78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770059269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3A012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3Ab15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256%3A0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256%3A1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053748"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3A992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3Aa389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3Af7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3A81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3A2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Aa7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3Abef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3Aebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3Ae15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Af77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3Ae465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3Aa4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Aef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3Ad017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3A67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3Abcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3Ad0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3Ab5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3Ad2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770116416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3Ab1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3Adc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3Ac73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Abdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3Af2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3Abd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Ae440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3Aa17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3A16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3A9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3Aaf384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3Aeed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3A4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3A2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770116416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12805",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2025-11-06T13:38:39.035000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413101"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user\u2019s Llama Stack instance and potentially view or manipulate sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT flaw in Red Hat OpenShift AI (RHOAI). The `llama-stack-operator` fails to implement a `NetworkPolicy`, enabling unauthorized access to Llama Stack services across different namespaces. This allows users to potentially view or manipulate sensitive data belonging to other users within the same RHOAI instance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "RHBZ#2413101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413101"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805"
}
],
"release_date": "2025-12-31T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T13:38:32+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2106"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd6