Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-22868 (GCVE-0-2025-22868)
Vulnerability from cvelistv5 – Published: 2025-02-26 03:07 – Updated: 2025-02-26 14:46
VLAI
EPSS
Title
Unexpected memory consumption during token parsing in golang.org/x/oauth2
Summary
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/oauth2 | golang.org/x/oauth2/jws |
Affected:
0 , < 0.27.0
(semver)
|
Credits
jub0bs
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-22868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:45:27.246610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T14:46:20.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/oauth2/jws",
"product": "golang.org/x/oauth2/jws",
"programRoutines": [
{
"name": "Verify"
}
],
"vendor": "golang.org/x/oauth2",
"versions": [
{
"lessThan": "0.27.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "jub0bs"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T03:07:49.012Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/652155"
},
{
"url": "https://go.dev/issue/71490"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"title": "Unexpected memory consumption during token parsing in golang.org/x/oauth2"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-22868",
"datePublished": "2025-02-26T03:07:49.012Z",
"dateReserved": "2025-01-08T19:11:42.834Z",
"dateUpdated": "2025-02-26T14:46:20.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-22868",
"date": "2026-06-07",
"epss": "0.00125",
"percentile": "0.31182"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-22868\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-02-26T08:14:24.897\",\"lastModified\":\"2025-05-01T19:27:10.430\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.\"},{\"lang\":\"es\",\"value\":\"Un atacante puede pasar un token malintencionado que provoque un consumo inesperado de memoria durante el an\u00e1lisis.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:go:jws:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.27.0\",\"matchCriteriaId\":\"F28A0D5F-0E79-4646-9A95-3139A525D7AC\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/652155\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/71490\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3488\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-02-26T03:07:49.012Z\"}, \"title\": \"Unexpected memory consumption during token parsing in golang.org/x/oauth2\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.\"}], \"affected\": [{\"vendor\": \"golang.org/x/oauth2\", \"product\": \"golang.org/x/oauth2/jws\", \"collectionURL\": \"https://pkg.go.dev\", \"packageName\": \"golang.org/x/oauth2/jws\", \"versions\": [{\"version\": \"0\", \"lessThan\": \"0.27.0\", \"status\": \"affected\", \"versionType\": \"semver\"}], \"programRoutines\": [{\"name\": \"Verify\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-1286: Improper Validation of Syntactic Correctness of Input\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/652155\"}, {\"url\": \"https://go.dev/issue/71490\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3488\"}], \"credits\": [{\"lang\": \"en\", \"value\": \"jub0bs\"}]}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22868\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-26T14:45:27.246610Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1286\", \"description\": \"CWE-1286 Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-26T14:45:55.061Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2025-22868\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Go\", \"dateReserved\": \"2025-01-08T19:11:42.834Z\", \"datePublished\": \"2025-02-26T03:07:49.012Z\", \"dateUpdated\": \"2025-02-26T14:46:20.671Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:23209
Vulnerability from csaf_redhat - Published: 2025-12-15 15:50 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (TPU)
Severity
Important
Notes
Topic: Red Hat AI Inference Server 3.2.5 (TPU) is now available.
Details: Red Hat® AI Inference Server
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
5.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
6.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
75 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (TPU) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23209",
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23209.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (TPU)",
"tracking": {
"current_release_date": "2026-06-08T03:39:24+00:00",
"generator": {
"date": "2026-06-08T03:39:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23209",
"initial_release_date": "2025-12-15T15:50:15+00:00",
"revision_history": [
{
"date": "2025-12-15T15:50:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T15:50:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-tpu-rhel9@sha256%3A64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552619"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:23449
Vulnerability from csaf_redhat - Published: 2025-12-17 08:22 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)
Severity
Important
Notes
Topic: Red Hat AI Inference Server 3.2.5 (ROCm) is now available.
Details: Red Hat® AI Inference Server
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
5.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
6.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
84 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23449",
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23449.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)",
"tracking": {
"current_release_date": "2026-06-08T03:39:27+00:00",
"generator": {
"date": "2026-06-08T03:39:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23449",
"initial_release_date": "2025-12-17T08:22:31+00:00",
"revision_history": [
{
"date": "2025-12-17T08:22:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T08:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3Ac5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552603"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:23534
Vulnerability from csaf_redhat - Published: 2025-12-17 15:37 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.2.7
Severity
Important
Notes
Topic: Logging for Red Hat OpenShift - 6.2.7
Details: Red Hat OpenShift Logging 6.2.7 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
19 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.2.7",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.2.7 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23534",
"url": "https://access.redhat.com/errata/RHSA-2025:23534"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-30204",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23534.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.2.7",
"tracking": {
"current_release_date": "2026-06-08T03:39:28+00:00",
"generator": {
"date": "2026-06-08T03:39:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23534",
"initial_release_date": "2025-12-17T15:37:08+00:00",
"revision_history": [
{
"date": "2025-12-17T15:37:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T15:37:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6.2",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.2::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3A912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Ac88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Affe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Aaed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3Aa1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Ab368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Acd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Ad0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Adfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Aba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Aeebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Af6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Adc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.2",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T15:37:08+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/ocp-4-18-release-notes\n\nFor Red Hat OpenShift Logging 6.2, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.2",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23534"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T15:37:08+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/ocp-4-18-release-notes\n\nFor Red Hat OpenShift Logging 6.2, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.2",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23534"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:912e0be15a46e77b2495db1dad335edc4116027c342698cedd8e7718cc15a5c1_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:11d2e6ca9a3406ebc4e4426efe4b27b70775b9f74ebe79a3b144d6a975cb7532_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:56402df10d454bad662e726383c0d71da8d5f5b52993e4a4d041a247897061c2_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:aed9911a4013cf031cf7397f91f5dc07390b07f13d08df37fa8bb8c3c89fc36d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f6c2983c766aa0781a38d8990c9fa806c78dd699ebfe4206cd25f0480bc44831_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:10df3b13ce20f4b96be7f56ab50e164086194c785e565325ad392f016bd4c6c0_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:424cf4c9f4df5a3f958b68869a3cad6dcda351fd863edc9e33b7da30c71f626e_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:467699207e663131466c2ca929090adec4692515cae4af4c104de59286143701_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d0ce4099e7b19248523f1833225482d31af789934bb82ddae9c41546a4109b06_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0b84d9a2faa81ad599adc3403de1af7d049979df177e4725b214b4a66335abc1_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0f8658ed23924a3b59fda14288d721fcd5ee4750d1060c316af1c2cb0180dbca_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:4fe3dddaba9e364d1e8a90e7d4b830824a22ace6af8a79504034af12a37161e8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:a1c17a5607dee49ab89c2e17cbc37db80c17db8a5e43b57df55e447067dcab3c_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1a20be1b195c25223f0f39fe34f2cebdff157cd5a9759e98d9926188303badc0_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:1c6090d7388df3d04171d6424f305f27d0e94e8e3e3fcd9ce01ee10228458232_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:6caf0c59ba27523f927bbd3beee510883ecf9b07ca43478012c3082c44116c0a_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9d75a5f20193ebc028931123bd305bff0404c73949eb4e9364b239a198016de8_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:7122d656b12bd9ae0c0db81acf99778d5e7ebe570e203eb1fa87a981cc9aa81e_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:0f0d94828898971bd34ca73af416ccaa11d52772beeb5346cff9ed27d6f6b0a0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:ba0c576afe3876ea101af54d5073092f89833585c2d52422d7130f3f337e3a5f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:c88d0b886366991bb212aa43f5c983f284f8ebeb9da44c64f08324c2ba2d999d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:cd039ebbae3373ec31196541193114e5ac90facb6d23e05b3a9080dd7539a805_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:3c5bc1f3096debe90dfbad33db5b844ec82ae576bcf0f7a6344f79b2f146b9de_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:84f8582df47c806c2fc8ebcee9c3a0dd1b440fb830618b8c7dbea717d381440e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:94cd467b2d31f9768d1259169654739a311a43a7983f250bbee397c2a85f3f34_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ffe4ec982e1838027e7f70ff71adcead812cbb5f4b446e6ec835a42083533b50_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:2e861ab6966c4cb4739f26a0b27367ca909ebcdd854c5834e1fed861b05f6dce_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:6b60f5aa59999d2cb5cdef94189f8b2d0d637bc97ddfa4cdbe312e823d02f0d9_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:89e70e5e65669b1bdc846bdd51a731832b006e537dccdf9262df2105c72f9beb_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:eebc9c9a55f853cbeec80b1a9de0680544a22f4e0b0cfe448d97df68510c3c6c_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:09d3f0c9faad3f4535b74fadfc968a1ca5f050612a1e97c1213ea7912c93f5a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:b368a5eb4d4782485763240c2b24e476117d8a7e17d0b39839a733f8e60e9f02_arm64",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dc69c9c31f053dac9d43a18a551c07e2ffbfca93d7957cc2ab842c7ff3013426_s390x",
"Logging Subsystem for Red Hat OpenShift 6.2:registry.redhat.io/openshift-logging/vector-rhel9@sha256:dfd187d0ffc8597b30060d9b74e39505dae34783c2560cefc3b2ea5dfb1f4993_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
RHSA-2025:23535
Vulnerability from csaf_redhat - Published: 2025-12-17 15:38 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.12
Severity
Important
Notes
Topic: Logging for Red Hat OpenShift - 6.0.12
Details: Red Hat OpenShift Logging 6.0.12 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64 | — |
Workaround
|
Threats
Impact
Important
References
19 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.0.12",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.0.12 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23535",
"url": "https://access.redhat.com/errata/RHSA-2025:23535"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-30204",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23535.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.12",
"tracking": {
"current_release_date": "2026-06-08T03:39:29+00:00",
"generator": {
"date": "2026-06-08T03:39:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23535",
"initial_release_date": "2025-12-17T15:38:59+00:00",
"revision_history": [
{
"date": "2025-12-17T15:38:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T15:39:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.0::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3A83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Abce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Afc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Af8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ac526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Ac86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Aa658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Af983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Ae6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ac1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Ae2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ab7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6",
"product_id": "Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T15:38:59+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23535"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T15:38:59+00:00",
"details": "For OpenShift Container Platform 4.16 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/release_notes/ocp-4-16-release-notes\n\nFor Red Hat OpenShift Logging 6.0, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.0",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23535"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:83771fed3881ab61f5b3d7aa11db0a86b7c87237197d191d54735b60e01e7939_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:345b9e0c00ef641102898314742bdd4be793f899dcf6dec430da6abc5ab53e8a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:5dcec9384f1f7189ad363dac7efcd8932359b0fa6e3e9310c7d244ef7ef1aa09_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:97d0150d7260df28c6c41f528f454ce7855109ccc59b04e221e8b87ea75eed0b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:e2afd43aea7d4e6bb10d60585bf527686b216ca6c211027b9afa53a8be820eed_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:045e31d27e80898d582539e4aede878b7366846ea743d48f20a9eb33464d6489_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:0cad06e0ff93ba51a793a960e309ee53d88de910b0c009569d03b6c03457656b_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:131fd2a11c0b6911a0aefa29cef7ad6dcb7618ef0324246bb3303bc3c91c7cf9_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:bce21467c15cd0a822dbde6b5943b1c6f68c915b9893222fca0111da8b11d399_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1b40836fec3571e4a9710120874fc75de3f6ea38829c8860d53b8e3ed76e632f_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:2c71346ac12a1f5aa121ec082f3bc1723bfd77742310f73edae7df13cf65a151_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:829d2c60e16e59d8311d7348edac73677a9839378264b1d6a82215307a6b9f22_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:8c2ac63098801c50b78c588c7e29e7c3748a156874305437804e1e61e07129d3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:26bae3fe2cfa6bfd4c66f074b637b6be3ee491a8fcf59ea7f272849e2ee7d38e_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:2bf16d5208f908a6f26a8d193b344bd3eef69f2d766fc2a859a5e216c5c58656_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:61652d19b8a6ca9b9c6dc34b7bfc2415ef2684fcc86bf94a098e5b03a9c24fe4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:9c3e5a34329dff33a1a29dae8a96ee24212edb032e10b9cccf345c5bdf6ac2a5_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:296f123cd3f5d397abc51c241c57a225dc3b8d2bfd32bbef0fe8d6e77fc48c33_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:15b49a85899061c8cf0172c067896833eb8810115b1bfe231cd5a41125392f91_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4bf78ed2299f3f0c7029d1f37e35f3df7a24e0213a5efe9c967fba4d5559f990_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:7f972a0d3252fca8b8b99bae6a03e5e1648a5ec8a435e07d996975e757a6cb24_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:e6ce4dbcb87786295696d784fe039b7275c1bbc9a6bdecb0d2e9ec5b6922bc7a_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:0744387e8b3383f621b53242f7dddb77546321d4d7e5094526a88c9dcf3b9d82_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:7ffb21d2bd7207dcd7ce33fccf7d779f08931f1bfd823172b56a2eff7124dd75_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ece2162f631dddd7c91041ed0fd0c4446a322128593704be8e672e60660a86e1_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:f8ba2cca143df538ffa21825d95789497207c3c9207f10ff8ba4c00c48797fa0_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:a658762b93bc3e3113760b6778c45165a25c23144c354f5372a50ea197987b87_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:b7dc0077d567dc8ec652909bdb9b95119d8178677d5fb0aad9c4055edee37287_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c1627f33e642d33da6bafd402f48649c32d10ad85cb3ab18c1058374767cc3e8_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:c526292a6f136a436dcb33b4bd7d63cb454492a83aead840b5cd912b814c2620_amd64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:31eda02b3898d93abdeedae01a898ae4f96325c3fc878e35da1c1438fe867790_s390x",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:c86e4792ce5c5312c7b5e08532c9b7eba932f4f93f49d335f57c5bc421e8c74c_arm64",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:f983defb833d61c9fb652ea9d43ec60ba57b3c822eccd7a3b930728d413275a2_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6:registry.redhat.io/openshift-logging/vector-rhel9@sha256:fc793a57ed674bfab7bfa3fe90712ea139d5ac4c10bc248e2af053354aa59d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
RHSA-2025:2526
Vulnerability from csaf_redhat - Published: 2025-03-10 15:51 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: ACS 4.5 enhancement update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Details: This release of RHACS 4.5 provides these changes:
- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security (RHACS).",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.5 provides these changes:\n\n- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2526",
"url": "https://access.redhat.com/errata/RHSA-2025:2526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45"
},
{
"category": "external",
"summary": "ROX-28410",
"url": "https://issues.redhat.com/browse/ROX-28410"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2526.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.5 enhancement update",
"tracking": {
"current_release_date": "2026-06-08T03:39:33+00:00",
"generator": {
"date": "2026-06-08T03:39:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:2526",
"initial_release_date": "2025-03-10T15:51:20+00:00",
"revision_history": [
{
"date": "2025-03-10T15:51:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-10T15:51:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.5 for RHEL 8",
"product": {
"name": "RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.7-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.7-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.7-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-10T15:51:20+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.7.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2526"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
}
]
}
RHSA-2025:2567
Vulnerability from csaf_redhat - Published: 2025-03-10 20:14 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: ACS 4.6 enhancement and security update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Details: This release of RHACS 4.6 provides these changes:
- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security (RHACS).",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.6 provides these changes:\n\n- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2567",
"url": "https://access.redhat.com/errata/RHSA-2025:2567"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.6/html/release_notes/release-notes-46",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.6/html/release_notes/release-notes-46"
},
{
"category": "external",
"summary": "ROX-28411",
"url": "https://issues.redhat.com/browse/ROX-28411"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2567.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.6 enhancement and security update",
"tracking": {
"current_release_date": "2026-06-08T03:39:35+00:00",
"generator": {
"date": "2026-06-08T03:39:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:2567",
"initial_release_date": "2025-03-10T20:14:35+00:00",
"revision_history": [
{
"date": "2025-03-10T20:14:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-10T20:14:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.6 for RHEL 8",
"product": {
"name": "RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.6.3-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.6.3-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.6.3-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.6.3-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.6.3-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.6.3-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64 as a component of RHACS 4.6 for RHEL 8",
"product_id": "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64",
"relates_to_product_reference": "8Base-RHACS-4.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-10T20:14:35+00:00",
"details": "If you are using an earlier version of RHACS 4.6, you are advised to upgrade to patch release 4.6.3.",
"product_ids": [
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2567"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07b15722f07c6aa69e280cd2daed10f8b3c8bad6bd3a31f591c84ab44be7ea76_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:22bcae8f251183fd13502b2e3dcb60ba4c10a21bcc098ec7dbedbc43f6bfdc06_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7c88fc89d32d98c435593769974f1726983f78722f7c6eff477cf443a31dbfd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e956f2b8af66f5311726d519361e0337aa3fa3ff7d11eedfbea7664d5409aef8_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:006c810f7830497c6f3c8fdc1cc8dcb9d00c40d3258b0e20e60ba8ebbfb520a5_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:041b51fecd1be95ae973ebb8101596bd387bf2529155e8d888c7346701de170b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:9be86038bbb8172a4eb43ae5997c2d4043c7293c5bfbb8cd41ea8199af7d4249_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:b272824afda722dff38790e5391bc8d65ca35055ce6c1753574bf5e532979145_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:25e42b764ae682ead34cdbf078f944077cd5c7455ed1bcc27effc0f85c25b4b1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4d9016597490a072e5c7f09306a12f9d8eb4f72cccba607e24b2b19cd839d180_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e61c388fff2fb17283e804149cca914d5b04d2ee4f049f0e92b879f50eea24b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fadc18f174ce4d3fd01031993d0341977feadb203a6d18a320c9883e3fe1ff15_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:2d09a66f007bd37715d15af6e645950242ee5adfa4cb1c5e4a27e491b2ae3aec_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a7ddb1741f6e244c0655f503d6ee778799dc3fb53949ca1c8b5a172bd882678c_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:b2859dc9e82e1345cc36422c02fc5643a72266ca7084f6bb29d5e1459e8157c1_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d1a12f3b8c9d8992bf37c0ceae222b6165688399d1d87a49db9131dcb280b348_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:588e9a7db449055473470e0c2102ed551a6d67d26bb6c45415d297f87701c1e2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:74f433e680f61da137e1bc6401c36678c7ec678a490345d3193315ae824831b7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7747827a8207824164b695b13e6c8eb13903bc4fa6f38de52717702da73aa7bc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:94b93df5fa28cf5be5906d86ec35d30cb072de77bda0aa5538d801030bf33330_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:294c0e075d63ffe92c8c2e0bb97c4c4aa5e3ec8156a33caf635ce6e4703395c6_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:2b33a1beb97678b9eb96d41620b5b8cb88deea8781b5dd3edef3bd437b18d2a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:5c8e77c041e366e9b998f0398d3357e437273a8b1c64c8bc08e6df79da1e4a38_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:e71af38ee6dc207ca5cbba7cc11750a9db42f5c33bbc6e1058c48eb9144c5f60_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:36adbb3a6ab325514589df944e14249810d37df356ba20cd8812c60e038786c2_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dcbede28a8ae4b5859354031a0922f985cc18ac0f4818dd9d8cfe639b09a4cc_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9f8d93d6a23797a556925acf46cfa3dda049dad14bd68196d66ab050e2910c92_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d846a29361618a991033b4eca1ca041246dbbea17efb6886f8676cc7b24f596e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:381d4b33332b5803be1ce8b72ee0bb05685d7a346b47a3d57b14ee2664d755a0_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:50730a4ab7931d255b17abb1eb0f9f97d76da09ee14a6e11278c27a6ff0c2550_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:964411cda007fc01f99386fc4acc5c36e4b3d453ebf7a6ce7711f9e2d3e7b0dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a503681fffff78a5666541ba334961331ed09c54549a1613173507b4f949411b_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b8ab1d0636e446f8810676a31c1a0fe351de557fbf39ce35eac2487c136427e_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7344f7aa004d3583d4df76d9b21de953b8342dd5290e3220aab7258d15defa5e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94d1212a14abc4de330621b7de499e4a1cb271099c54b8b3ff195bef3381f4dc_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cd3c004180e23af0991feee00ce5ed1490776c2993286c833115a02fcf8e1c03_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:04caace3e306507f812316bab01adf78f3fc537d5b6fcb89d60890566e5c70bd_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:23a8a5cfa73fbb35510d351c2f0ba3ffc1bc81980b1600a6fb3512a258fd2e5a_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2b6696a6650ffc766d53a8bf585ae811130347fec81d95924eb2d1eefd6ab592_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:de00a482c94945c6f1f46d4aa45b791312d7dd3faa79bc314beaf74e10c9a9e7_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1b2663e14f54b6a31605d284aa92d3136e8cca815bd273814b852f3c148be39e_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2ad541ecfc160de629e901dbc38e89aa03c7e7e7cbe32061739315ae3afdb0a1_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:537183e747df4414d06525432abca7df2938425770097e2b391234a1c901908b_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:829dcad2f3367dbfcc90aa677be120f7801c888c924b15a8bf9445ad9ae993cf_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1ae2b15e3ed23481684ae5c4cb496163da4f5467fa58f283afad0497e69d2dff_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1d2989c7818de56bdcd83dec47c61ead2d163ecbdc7fdcde3e98638e63246017_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:3036f660fc33ee9fd5b8225fab945a1941db91a7332c6ff0e190aceff6f61533_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dfd0770d2de1d54cf9ff5a57e5dd091baf6496216ee0bbc10bb859e3e36f1c67_amd64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:7d358d045bbaffacdeefe8d3859dad3c7937e2ba7c365e83c82cf5ee0cea2745_arm64",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a29d694ab53e0665543da76b49abe1ffb222edac1a3c1d405b134e42a3112c77_ppc64le",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e577b939099798cbb5fc0e31c9781d2a2698a5fd05368e4ab2136173a569e43c_s390x",
"8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eea07dd26602769cfaff48089052c706a69ce406fd7cc794140fc4ddb3f6aeb1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
}
]
}
RHSA-2025:3051
Vulnerability from csaf_redhat - Published: 2025-03-20 04:38 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Gatekeeper v3.17.2
Severity
Important
Notes
Topic: Gatekeeper v3.17.2
Details: Gatekeeper v3.17.2
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.17, users can specify a `containerArguments` list of names
and values for both the audit and webhook configurations to be passed to
the respective deployment. These will be ignored if the argument has
already been set by the operator or specifies an argument listed in the
deny list.
Starting in v3.15, the following namespaces are exempt from admission
control:
* kube-*
* multicluster-engine
* hypershift
* hive
* rhacs-operator
* open-cluster-*
* openshift-*
To disable the default exempt namespaces, set the namespaces you want on
the object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0
* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1
* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
25 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Gatekeeper v3.17.2",
"title": "Topic"
},
{
"category": "general",
"text": "Gatekeeper v3.17.2\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.17, users can specify a `containerArguments` list of names\nand values for both the audit and webhook configurations to be passed to\nthe respective deployment. These will be ignored if the argument has\nalready been set by the operator or specifies an argument listed in the\ndeny list.\n\nStarting in v3.15, the following namespaces are exempt from admission\ncontrol:\n\n* kube-*\n* multicluster-engine\n* hypershift\n* hive\n* rhacs-operator\n* open-cluster-*\n* openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on\nthe object.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0\n* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1\n* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3051",
"url": "https://access.redhat.com/errata/RHSA-2025:3051"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0",
"url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0"
},
{
"category": "external",
"summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1",
"url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1"
},
{
"category": "external",
"summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2",
"url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "ACM-18302",
"url": "https://issues.redhat.com/browse/ACM-18302"
},
{
"category": "external",
"summary": "ACM-18535",
"url": "https://issues.redhat.com/browse/ACM-18535"
},
{
"category": "external",
"summary": "HYPBLD-605",
"url": "https://issues.redhat.com/browse/HYPBLD-605"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3051.json"
}
],
"title": "Red Hat Security Advisory: Gatekeeper v3.17.2",
"tracking": {
"current_release_date": "2026-06-08T03:39:34+00:00",
"generator": {
"date": "2026-06-08T03:39:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3051",
"initial_release_date": "2025-03-20T04:38:00+00:00",
"revision_history": [
{
"date": "2025-03-20T04:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-20T04:38:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "gatekeeper 3.17 for RHEL 9",
"product": {
"name": "gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:gatekeeper:3.17::el9"
}
}
}
],
"category": "product_family",
"name": "gatekeeper"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"product": {
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"product_id": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle\u0026tag=v3.17.2-2"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64 as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64"
},
"product_reference": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64 as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64 as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64 as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64 as a component of gatekeeper 3.17 for RHEL 9",
"product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64",
"relates_to_product_reference": "9Base-gatekeeper-3.17"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T04:38:00+00:00",
"details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.",
"product_ids": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3051"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T04:38:00+00:00",
"details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.",
"product_ids": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3051"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x",
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
}
]
}
RHSA-2025:3053
Vulnerability from csaf_redhat - Published: 2025-03-20 04:55 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: Gatekeeper v3.15.4
Severity
Important
Notes
Topic: Gatekeeper v3.15.4
Details: Gatekeeper v3.15.4
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.15, the following namespaces are exempt from admission control:
- kube-*
- multicluster-engine
- hypershift
- hive
- rhacs-operator
- open-cluster-*
- openshift-*
To disable the default exempt namespaces, set the namespaces you want on the
object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0
* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
24 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Gatekeeper v3.15.4",
"title": "Topic"
},
{
"category": "general",
"text": "Gatekeeper v3.15.4\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.15, the following namespaces are exempt from admission control:\n\n- kube-*\n- multicluster-engine\n- hypershift\n- hive\n- rhacs-operator\n- open-cluster-*\n- openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on the\nobject.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0\n* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3053",
"url": "https://access.redhat.com/errata/RHSA-2025:3053"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0",
"url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0"
},
{
"category": "external",
"summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1",
"url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "ACM-18305",
"url": "https://issues.redhat.com/browse/ACM-18305"
},
{
"category": "external",
"summary": "ACM-18536",
"url": "https://issues.redhat.com/browse/ACM-18536"
},
{
"category": "external",
"summary": "HYPBLD-606",
"url": "https://issues.redhat.com/browse/HYPBLD-606"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3053.json"
}
],
"title": "Red Hat Security Advisory: Gatekeeper v3.15.4",
"tracking": {
"current_release_date": "2026-06-08T03:39:36+00:00",
"generator": {
"date": "2026-06-08T03:39:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3053",
"initial_release_date": "2025-03-20T04:55:47+00:00",
"revision_history": [
{
"date": "2025-03-20T04:55:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-20T04:55:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "gatekeeper 3.15 for RHEL 9",
"product": {
"name": "gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:gatekeeper:3.15::el9"
}
}
}
],
"category": "product_family",
"name": "gatekeeper"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"product": {
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"product_id": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle\u0026tag=v3.15.4-1"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30"
}
}
},
{
"category": "product_version",
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"product": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64 as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64"
},
"product_reference": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64 as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64 as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le"
},
"product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64 as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64 as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le as a component of gatekeeper 3.15 for RHEL 9",
"product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
},
"product_reference": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le",
"relates_to_product_reference": "9Base-gatekeeper-3.15"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T04:55:47+00:00",
"details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.",
"product_ids": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3053"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T04:55:47+00:00",
"details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.",
"product_ids": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3053"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x",
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
}
]
}
RHSA-2025:3172
Vulnerability from csaf_redhat - Published: 2025-03-25 19:58 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9
Severity
Important
Notes
Topic: VolSync v0.12 general availability release images, which provide
enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details: VolSync v0.12.1 is a Kubernetes operator that enables asynchronous
replication of persistent volumes within a cluster, or across clusters. After
deploying the VolSync operator, it can create and maintain copies of your
persistent data.
For more information about VolSync, see:
https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync
or the VolSync open source community website at:
https://volsync.readthedocs.io/en/stable/
This advisory contains enhancements and updates to the VolSync
container images.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
21 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "VolSync v0.12 general availability release images, which provide\nenhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "VolSync v0.12.1 is a Kubernetes operator that enables asynchronous\nreplication of persistent volumes within a cluster, or across clusters. After\ndeploying the VolSync operator, it can create and maintain copies of your\npersistent data.\n\nFor more information about VolSync, see:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync\n\nor the VolSync open source community website at:\nhttps://volsync.readthedocs.io/en/stable/\n\nThis advisory contains enhancements and updates to the VolSync\ncontainer images.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3172",
"url": "https://access.redhat.com/errata/RHSA-2025:3172"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "ACM-19030",
"url": "https://issues.redhat.com/browse/ACM-19030"
},
{
"category": "external",
"summary": "HYPBLD-617",
"url": "https://issues.redhat.com/browse/HYPBLD-617"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3172.json"
}
],
"title": "Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9",
"tracking": {
"current_release_date": "2026-06-08T03:39:39+00:00",
"generator": {
"date": "2026-06-08T03:39:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3172",
"initial_release_date": "2025-03-25T19:58:29+00:00",
"revision_history": [
{
"date": "2025-03-25T19:58:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-25T19:58:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64",
"product_id": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"product": {
"name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"product_id": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-operator-bundle\u0026tag=v0.12.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"product_id": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"product_id": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"product_id": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64"
},
"product_reference": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"relates_to_product_reference": "9Base-RHACM-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"relates_to_product_reference": "9Base-RHACM-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"relates_to_product_reference": "9Base-RHACM-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9",
"product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64",
"relates_to_product_reference": "9Base-RHACM-2.13"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-25T19:58:29+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync",
"product_ids": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3172"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-25T19:58:29+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync",
"product_ids": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3172"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le",
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
}
]
}
RHSA-2025:3335
Vulnerability from csaf_redhat - Published: 2025-03-27 15:00 - Updated: 2026-06-08 03:39Summary
Red Hat Security Advisory: opentelemetry-collector security update
Severity
Important
Notes
Topic: An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Collector with the supported components for a Red Hat build of OpenTelemetry
Security Fix(es):
* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.
5.9 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
33 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Collector with the supported components for a Red Hat build of OpenTelemetry\n\nSecurity Fix(es):\n\n* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n\n* go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service (CVE-2025-27144)\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n\n* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3335",
"url": "https://access.redhat.com/errata/RHSA-2025:3335"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2352914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352914"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3335.json"
}
],
"title": "Red Hat Security Advisory: opentelemetry-collector security update",
"tracking": {
"current_release_date": "2026-06-08T03:39:38+00:00",
"generator": {
"date": "2026-06-08T03:39:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:3335",
"initial_release_date": "2025-03-27T15:00:22+00:00",
"revision_history": [
{
"date": "2025-03-27T15:00:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-27T15:00:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-08T03:39:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.src",
"product": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.src",
"product_id": "opentelemetry-collector-0:0.107.0-8.el9_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"product": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"product_id": "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"product": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"product_id": "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64",
"product": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64",
"product_id": "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"product": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"product_id": "opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64"
},
"product_reference": "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le"
},
"product_reference": "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x"
},
"product_reference": "opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src"
},
"product_reference": "opentelemetry-collector-0:0.107.0-8.el9_5.src",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
},
"product_reference": "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-01-23T12:57:38.123000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2341751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "RHBZ#2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/70530",
"url": "https://github.com/golang/go/issues/70530"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI",
"url": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI"
}
],
"release_date": "2025-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T15:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3335"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T15:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3335"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-27144",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-24T23:00:42.448432+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "RHBZ#2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
"url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
"url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
}
],
"release_date": "2025-02-24T22:22:22.863000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T15:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3335"
},
{
"category": "workaround",
"details": "As a workaround, applications can pre-validate that payloads being passed to Go JOSE do not contain an excessive number of `.` characters.",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
},
{
"cve": "CVE-2025-29786",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-03-17T14:00:59.078419+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2352914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-29786"
},
{
"category": "external",
"summary": "RHBZ#2352914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-29786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29786"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/762",
"url": "https://github.com/expr-lang/expr/pull/762"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2"
}
],
"release_date": "2025-03-17T13:15:32.836000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-27T15:00:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3335"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to impose an input size restriction before parsing (i.e. validating or limiting the length of expression strings that the application will accept). Ensuring no unbounded-length expressions are fed into the parser will prevent the parser from constructing a very large AST and avoid the potential memory exhaustion issue.",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src",
"AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…