CVE-2025-68121 (GCVE-0-2025-68121)
Vulnerability from cvelistv5 – Published: 2026-02-05 17:48 – Updated: 2026-04-29 13:29
CWE-295 - Improper Certificate Validation

| Vendor | Product | Version |
|---|---|---|
| Go standard library | crypto/tls | Affected: 0 , < 1.24.13 (semver); Affected: 1.25.0-0 , < 1.25.7 (semver); Affected: 1.26.0-rc.1 , < 1.26.0-rc.3 (semver) |

{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-68121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T03:55:46.305385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T13:29:25.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/tls",
"product": "crypto/tls",
"programRoutines": [
{
"name": "Conn.handshakeContext"
},
{
"name": "Conn.Handshake"
},
{
"name": "Conn.HandshakeContext"
},
{
"name": "Conn.Read"
},
{
"name": "Conn.Write"
},
{
"name": "Dial"
},
{
"name": "DialWithDialer"
},
{
"name": "Dialer.Dial"
},
{
"name": "Dialer.DialContext"
},
{
"name": "QUICConn.Start"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.24.13",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.25.7",
"status": "affected",
"version": "1.25.0-0",
"versionType": "semver"
},
{
"lessThan": "1.26.0-rc.3",
"status": "affected",
"version": "1.26.0-rc.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Coia Prant (github.com/rbqvq)"
},
{
"lang": "en",
"value": "Go Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-295: Improper Certificate Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:48:44.141Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"url": "https://go.dev/cl/737700"
},
{
"url": "https://go.dev/issue/77217"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"title": "Unexpected session resumption in crypto/tls"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-68121",
"datePublished": "2026-02-05T17:48:44.141Z",
"dateReserved": "2025-12-15T16:48:04.451Z",
"dateUpdated": "2026-04-29T13:29:25.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-68121",
"date": "2026-07-03",
"epss": "0.00765",
"percentile": "0.5094"
},
"vulnrichment": {
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:13571
Vulnerability from csaf_redhat - Published: 2026-05-04 23:37 - Updated: 2026-07-04 06:05

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix, Workaround |

A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 3.2.0 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:3.2::el9 | — | Vendor Fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 3.2.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 3.2.0 serves as a replacement for Red Hat Streams for Apache Kafka 3.1.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Drain Cleaner, Kafks Exporter - Eclipse Vert.x Web static handler file access denial [amq-st-3.2]\"(CVE-2026-1002)\"\n* Drain Cleaner, Kroxylicous - Netty denial of service[amqst-3.2]\"(CVE-2026-33871)\"\n* Drain Cleaner, Kroxylicous - Netty request smuggling attacks[amqst-3.2]\"(CVE-2026-33870)\"\n* Cruise Control - jose4j denial of service [amqst-3.2]\"(CVE-2024-29371)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Memory exhaustion in query parameter parsing in net/url [amq-st-3.2]\"(CVE-2025-61726)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: golang: Denial of Service due to excessive resource consumption via crafted certificate [amq-st-3.2]\"(CVE-2025-61729)\"\n* Kafka Exporter - golang-github-danielqsj-kafka_exporter: Unexpected session resumption in crypto/tls [amqst-3.2]\"(CVE-2025-68121)\"\n* console UI - Next.js Server-Side Request Forgery in Server Actions [amqst-3.2]\"(CVE-2024-34351)\"\n* console UI - com.github.streamshub-console: Next.js: Unbounded next/image disk cache growth can exhaust storage[amqst-3.2]\"(CVE-2026-27980)\"\n* console UI - Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization [amqst-3.2]\"(CVE-2025-62718)\"\n* console UI - React Server Components: Denial of Service via specially crafted HTTP requests [amqst-3.2]\"(CVE-2026-23864)\"\n* console UI - Axios: Remote Code Execution via Prototype Pollution escalation [amqst-3.2]\"(CVE-2026-40175)\"\n* console UI - lodash: Arbitrary code execution via untrusted input in template imports [amqst-3.2]\"(CVE-2026-4800)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13571",
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "2454387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454387"
},
{
"category": "external",
"summary": "2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13571.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 3.2.0 release and security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:14+00:00",
"generator": {
"date": "2026-07-04T06:05:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:13571",
"initial_release_date": "2026-05-04T23:37:19+00:00",
"revision_history": [
{
"date": "2026-05-04T23:37:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T23:37:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 3.2.0",
"product": {
"name": "Streams for Apache Kafka 3.2.0",
"product_id": "Streams for Apache Kafka 3.2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2024-34351",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-02T15:56:14.719577+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2454387"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next: Next.js Server-Side Request Forgery in Server Actions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34351"
},
{
"category": "external",
"summary": "RHBZ#2454387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34351"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/8f7a6ca7d21a97bc9f7a1bbe10427b5ad74b9085",
"url": "https://github.com/vercel/next.js/commit/8f7a6ca7d21a97bc9f7a1bbe10427b5ad74b9085"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/pull/62561",
"url": "https://github.com/vercel/next.js/pull/62561"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g"
}
],
"release_date": "2024-05-09T16:14:16.236000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next: Next.js Server-Side Request Forgery in Server Actions"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. Due to this reason, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-23864",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-26T20:01:54.396535+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433059"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23864"
},
{
"category": "external",
"summary": "RHBZ#2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864"
},
{
"category": "external",
"summary": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg",
"url": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg"
},
{
"category": "external",
"summary": "https://www.facebook.com/security/advisories/cve-2026-23864",
"url": "https://www.facebook.com/security/advisories/cve-2026-23864"
}
],
"release_date": "2026-01-26T19:16:38.250000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests"
},
{
"cve": "CVE-2026-27980",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-18T01:01:36.393672+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448509"
}
],
"notes": [
{
"category": "description",
"text": "An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27980"
},
{
"category": "external",
"summary": "RHBZ#2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd",
"url": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/releases/tag/v16.1.7",
"url": "https://github.com/vercel/next.js/releases/tag/v16.1.7"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8"
}
],
"release_date": "2026-03-18T00:23:34.862000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 3.2.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T23:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 3.2.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 3.2.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
RHSA-2026:14100
Vulnerability from csaf_redhat - Published: 2026-05-08 12:20 - Updated: 2026-07-04 06:05
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix Workaround |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — | Workaround |
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix Workaround |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — | Workaround |
A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the '#cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command. This vulnerability can lead to arbitrary file write.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix Workaround |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — | Workaround |
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 | — | Vendor Fix fix Workaround |
| Unresolved product id: Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 | — | Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.12.89 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.12.89. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2026:14096\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14100",
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61731",
"url": "https://access.redhat.com/security/cve/CVE-2025-61731"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61732",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14100.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.89 bug fix and security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:17+00:00",
"generator": {
"date": "2026-07-04T06:05:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:14100",
"initial_release_date": "2026-05-08T12:20:25+00:00",
"revision_history": [
{
"date": "2026-05-08T12:20:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-08T12:20:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "Red Hat OpenShift Container Platform 4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Container Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"product": {
"name": "registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"product_id": "registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift/driver-toolkit-rhel8@sha256%3A39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4\u0026tag=1778037510"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64",
"product": {
"name": "registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64",
"product_id": "registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift/ose-tests@sha256%3A1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748?arch=amd64\u0026repository_url=registry.redhat.io/openshift4\u0026tag=1778173182"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
},
"product_reference": "registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Container Platform 4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
},
"product_reference": "registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64",
"relates_to_product_reference": "Red Hat OpenShift Container Platform 4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61731",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-01-28T20:01:45.587773+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434433"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the \u0027#cgo pkg-config:\u0027 directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a \u0027--log-file\u0027 argument to the pkg-config command. This vulnerability can lead to arbitrary file write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is Important rather than Moderate because compiling a malicious Go source file can cause `pkg-config` to create or append data to files at attacker-chosen locations, subject to the permissions of the build user. This can enable unintended filesystem modifications during the build process, which can lead to broken builds, alter tool behavior, and poison caches or artifacts, even without direct code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61731"
},
{
"category": "external",
"summary": "RHBZ#2434433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
},
{
"category": "external",
"summary": "https://go.dev/cl/736711",
"url": "https://go.dev/cl/736711"
},
{
"category": "external",
"summary": "https://go.dev/issue/77100",
"url": "https://go.dev/issue/77100"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4339",
"url": "https://pkg.go.dev/vuln/GO-2026-4339"
}
],
"release_date": "2026-01-28T19:30:30.844000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-08T12:20:25+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64 architecture. The image digest may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha value for the release is as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:594f7c90eeb3e7540444a5c023fd50d83dd436153c96b01c178ea2ebeb32560a\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/driver-toolkit-rhel8@sha256:39b0f5b85e8cccc7ad9a6f9d555a9135cdfd1bc7ee80a9c66611bc389f10bca1_amd64",
"Red Hat OpenShift Container Platform 4.12:registry.redhat.io/openshift4/ose-tests@sha256:1e9eba414d5564aff8ef7ba80306354f4aea72845a93a36f35dd74fbec101748_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:14868
Vulnerability from csaf_redhat - Published: 2026-05-07 18:15 - Updated: 2026-07-04 06:05

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x | — | | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 | — | | Vendor Fix / fix / Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for buildah is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913)\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14868",
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14868.json"
}
],
"title": "Red Hat Security Advisory: buildah security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:18+00:00",
"generator": {
"date": "2026-07-04T06:05:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:14868",
"initial_release_date": "2026-05-07T18:15:36+00:00",
"revision_history": [
{
"date": "2026-05-07T18:15:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T18:15:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.8-1.el10_0.src",
"product": {
"name": "buildah-2:1.39.8-1.el10_0.src",
"product_id": "buildah-2:1.39.8-1.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.8-1.el10_0?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.8-1.el10_0.aarch64",
"product": {
"name": "buildah-2:1.39.8-1.el10_0.aarch64",
"product_id": "buildah-2:1.39.8-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.8-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.8-1.el10_0.aarch64",
"product": {
"name": "buildah-tests-2:1.39.8-1.el10_0.aarch64",
"product_id": "buildah-tests-2:1.39.8-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.8-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"product": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"product_id": "buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.8-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product_id": "buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.8-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product_id": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.8-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.8-1.el10_0.ppc64le",
"product": {
"name": "buildah-2:1.39.8-1.el10_0.ppc64le",
"product_id": "buildah-2:1.39.8-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.8-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"product": {
"name": "buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"product_id": "buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.8-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"product": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"product_id": "buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.8-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product_id": "buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.8-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product_id": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.8-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.8-1.el10_0.s390x",
"product": {
"name": "buildah-2:1.39.8-1.el10_0.s390x",
"product_id": "buildah-2:1.39.8-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.8-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.8-1.el10_0.s390x",
"product": {
"name": "buildah-tests-2:1.39.8-1.el10_0.s390x",
"product_id": "buildah-tests-2:1.39.8-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.8-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"product": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"product_id": "buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.8-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"product": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"product_id": "buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.8-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"product_id": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.8-1.el10_0?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.8-1.el10_0.x86_64",
"product": {
"name": "buildah-2:1.39.8-1.el10_0.x86_64",
"product_id": "buildah-2:1.39.8-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.8-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.8-1.el10_0.x86_64",
"product": {
"name": "buildah-tests-2:1.39.8-1.el10_0.x86_64",
"product_id": "buildah-tests-2:1.39.8-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.8-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"product": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"product_id": "buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.8-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product_id": "buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.8-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product_id": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.8-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.8-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64"
},
"product_reference": "buildah-2:1.39.8-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.8-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le"
},
"product_reference": "buildah-2:1.39.8-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.8-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x"
},
"product_reference": "buildah-2:1.39.8-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.8-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src"
},
"product_reference": "buildah-2:1.39.8-1.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.8-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64"
},
"product_reference": "buildah-2:1.39.8-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64"
},
"product_reference": "buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le"
},
"product_reference": "buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x"
},
"product_reference": "buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.8-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64"
},
"product_reference": "buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64"
},
"product_reference": "buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le"
},
"product_reference": "buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x"
},
"product_reference": "buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.8-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64"
},
"product_reference": "buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.8-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64"
},
"product_reference": "buildah-tests-2:1.39.8-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.8-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le"
},
"product_reference": "buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.8-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x"
},
"product_reference": "buildah-tests-2:1.39.8-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.8-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64"
},
"product_reference": "buildah-tests-2:1.39.8-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:15:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:15:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:15:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:15:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T18:15:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.8-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.8-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:14879
Vulnerability from csaf_redhat - Published: 2026-05-07 15:58 - Updated: 2026-07-04 06:05
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64 | — | Vendor Fix, Workaround |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64 | — | Vendor Fix |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64 | — | Vendor Fix, Workaround |
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64 | — | Vendor Fix, Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-vmaas-rhel9 container image is now available as a technical preview in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14879",
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14879.json"
}
],
"title": "Red Hat Security Advisory: Technical preview of the satellite/iop-vmaas-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-04T06:05:19+00:00",
"generator": {
"date": "2026-07-04T06:05:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:14879",
"initial_release_date": "2026-05-07T15:58:26+00:00",
"revision_history": [
{
"date": "2026-05-07T15:58:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T15:58:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64",
"product_id": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-vmaas-rhel9@sha256%3A8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34?arch=amd64\u0026repository_url=registry.redhat.io/satellite\u0026tag=1778082595"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T15:58:26+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T15:58:26+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T15:58:26+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-07T15:58:26+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:8bc6388b3b83875d286cb3b5a4bd5f5157a9634350611019770fe44f608e3c34_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
}
]
}
RHSA-2026:16102
Vulnerability from csaf_redhat - Published: 2026-05-11 22:53 - Updated: 2026-07-04 06:05

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix, Workaround |

A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x | — | | Vendor Fix, fix |
| Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 | — | | Vendor Fix, fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913)\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:16102",
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16102.json"
}
],
"title": "Red Hat Security Advisory: buildah security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:25+00:00",
"generator": {
"date": "2026-07-04T06:05:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:16102",
"initial_release_date": "2026-05-11T22:53:25+00:00",
"revision_history": [
{
"date": "2026-05-11T22:53:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-11T22:53:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.26.11-1.el9_0.src",
"product": {
"name": "buildah-1:1.26.11-1.el9_0.src",
"product_id": "buildah-1:1.26.11-1.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.26.11-1.el9_0?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.26.11-1.el9_0.aarch64",
"product": {
"name": "buildah-1:1.26.11-1.el9_0.aarch64",
"product_id": "buildah-1:1.26.11-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.26.11-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.26.11-1.el9_0.aarch64",
"product": {
"name": "buildah-tests-1:1.26.11-1.el9_0.aarch64",
"product_id": "buildah-tests-1:1.26.11-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.26.11-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"product": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"product_id": "buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.26.11-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product_id": "buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.11-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product_id": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.11-1.el9_0?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.26.11-1.el9_0.ppc64le",
"product": {
"name": "buildah-1:1.26.11-1.el9_0.ppc64le",
"product_id": "buildah-1:1.26.11-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.26.11-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"product": {
"name": "buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"product_id": "buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.26.11-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"product": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"product_id": "buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.26.11-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product_id": "buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.11-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product_id": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.11-1.el9_0?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.26.11-1.el9_0.x86_64",
"product": {
"name": "buildah-1:1.26.11-1.el9_0.x86_64",
"product_id": "buildah-1:1.26.11-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.26.11-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.26.11-1.el9_0.x86_64",
"product": {
"name": "buildah-tests-1:1.26.11-1.el9_0.x86_64",
"product_id": "buildah-tests-1:1.26.11-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.26.11-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"product": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"product_id": "buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.26.11-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product_id": "buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.11-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product_id": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.11-1.el9_0?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.26.11-1.el9_0.s390x",
"product": {
"name": "buildah-1:1.26.11-1.el9_0.s390x",
"product_id": "buildah-1:1.26.11-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.26.11-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.26.11-1.el9_0.s390x",
"product": {
"name": "buildah-tests-1:1.26.11-1.el9_0.s390x",
"product_id": "buildah-tests-1:1.26.11-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.26.11-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"product": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"product_id": "buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.26.11-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"product": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"product_id": "buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.11-1.el9_0?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"product": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"product_id": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.11-1.el9_0?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.26.11-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64"
},
"product_reference": "buildah-1:1.26.11-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.26.11-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le"
},
"product_reference": "buildah-1:1.26.11-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.26.11-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x"
},
"product_reference": "buildah-1:1.26.11-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.26.11-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src"
},
"product_reference": "buildah-1:1.26.11-1.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.26.11-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64"
},
"product_reference": "buildah-1:1.26.11-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64"
},
"product_reference": "buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le"
},
"product_reference": "buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x"
},
"product_reference": "buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.26.11-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64"
},
"product_reference": "buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64"
},
"product_reference": "buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le"
},
"product_reference": "buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x"
},
"product_reference": "buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.26.11-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64"
},
"product_reference": "buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.26.11-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64"
},
"product_reference": "buildah-tests-1:1.26.11-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.26.11-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le"
},
"product_reference": "buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.26.11-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x"
},
"product_reference": "buildah-tests-1:1.26.11-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.26.11-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64"
},
"product_reference": "buildah-tests-1:1.26.11-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64"
},
"product_reference": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x"
},
"product_reference": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
},
"product_reference": "buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-11T22:53:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.src",
"AppStream-9.0.0.Z.E4S:buildah-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.11-1.el9_0.x86_64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.aarch64",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.ppc64le",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.s390x",
"AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.11-1.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:16696
Vulnerability from csaf_redhat - Published: 2026-05-13 01:56 - Updated: 2026-07-04 06:05
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix) |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 | — | | Vendor Fix (fix), Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for skopeo is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:16696",
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16696.json"
}
],
"title": "Red Hat Security Advisory: skopeo security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:27+00:00",
"generator": {
"date": "2026-07-04T06:05:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:16696",
"initial_release_date": "2026-05-13T01:56:33+00:00",
"revision_history": [
{
"date": "2026-05-13T01:56:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-13T01:56:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.1.src",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.1.src",
"product_id": "skopeo-2:1.18.1-3.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.1?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.1.aarch64",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.1.aarch64",
"product_id": "skopeo-2:1.18.1-3.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.1?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"product_id": "skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.1?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.1.s390x",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.1.s390x",
"product_id": "skopeo-2:1.18.1-3.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.1?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.1.x86_64",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.1.x86_64",
"product_id": "skopeo-2:1.18.1-3.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.x86_64",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.x86_64",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.1?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T01:56:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T01:56:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T01:56:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T01:56:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T01:56:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:17040
Vulnerability from csaf_redhat - Published: 2026-05-13 13:20 - Updated: 2026-07-04 06:05
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |

A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x | — | Vendor Fix / fix / Workaround |
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 | — | Vendor Fix / fix / Workaround |

{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for podman is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:17040",
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17040.json"
}
],
"title": "Red Hat Security Advisory: podman security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:30+00:00",
"generator": {
"date": "2026-07-04T06:05:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:17040",
"initial_release_date": "2026-05-13T13:20:54+00:00",
"revision_history": [
{
"date": "2026-05-13T13:20:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-13T13:20:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.1.src",
"product": {
"name": "podman-6:5.4.0-15.el10_0.1.src",
"product_id": "podman-6:5.4.0-15.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.1?arch=src\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"product_id": "podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"product_id": "podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-remote-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.1.s390x",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.s390x",
"product_id": "podman-tests-6:5.4.0-15.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.1?arch=s390x\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"product_id": "podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-6:5.4.0-15.el10_0.1.noarch",
"product": {
"name": "podman-docker-6:5.4.0-15.el10_0.1.noarch",
"product_id": "podman-docker-6:5.4.0-15.el10_0.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@5.4.0-15.el10_0.1?arch=noarch\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src"
},
"product_reference": "podman-6:5.4.0-15.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-6:5.4.0-15.el10_0.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch"
},
"product_reference": "podman-docker-6:5.4.0-15.el10_0.1.noarch",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T13:20:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.1.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.1.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:17084
Vulnerability from csaf_redhat - Published: 2026-05-13 15:39 - Updated: 2026-07-04 06:05
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:17084",
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17084.json"
}
],
"title": "Red Hat Security Advisory: gvisor-tap-vsock security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:30+00:00",
"generator": {
"date": "2026-07-04T06:05:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:17084",
"initial_release_date": "2026-05-13T15:39:24+00:00",
"revision_history": [
{
"date": "2026-05-13T15:39:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-13T15:39:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"product": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"product_id": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock@0.8.5-2.el10_0.1?arch=src\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"product": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"product_id": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock@0.8.5-2.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"product_id": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder@0.8.5-2.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"product": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"product_id": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debugsource@0.8.5-2.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product_id": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debuginfo@0.8.5-2.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product_id": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder-debuginfo@0.8.5-2.el10_0.1?arch=aarch64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"product": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"product_id": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock@0.8.5-2.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"product_id": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder@0.8.5-2.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"product": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"product_id": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debugsource@0.8.5-2.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product_id": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debuginfo@0.8.5-2.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product_id": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder-debuginfo@0.8.5-2.el10_0.1?arch=ppc64le\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"product": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"product_id": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock@0.8.5-2.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"product_id": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder@0.8.5-2.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"product": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"product_id": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debugsource@0.8.5-2.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product_id": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debuginfo@0.8.5-2.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product_id": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder-debuginfo@0.8.5-2.el10_0.1?arch=x86_64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"product": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"product_id": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock@0.8.5-2.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"product_id": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder@0.8.5-2.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"product": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"product_id": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debugsource@0.8.5-2.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product_id": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-debuginfo@0.8.5-2.el10_0.1?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product_id": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gvisor-tap-vsock-gvforwarder-debuginfo@0.8.5-2.el10_0.1?arch=s390x\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64"
},
"product_reference": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le"
},
"product_reference": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x"
},
"product_reference": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src"
},
"product_reference": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64"
},
"product_reference": "gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64"
},
"product_reference": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le"
},
"product_reference": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x"
},
"product_reference": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
},
"product_reference": "gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64"
},
"product_reference": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le"
},
"product_reference": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x"
},
"product_reference": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64"
},
"product_reference": "gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
},
"product_reference": "gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-13T15:39:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debuginfo-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-debugsource-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-6:0.8.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gvisor-tap-vsock-gvforwarder-debuginfo-6:0.8.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:17446
Vulnerability from csaf_redhat - Published: 2026-05-20 11:57 - Updated: 2026-07-04 06:05

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | | Workaround |

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | | Vendor Fix, fix, Workaround |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | | Workaround |

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate that is processed during error string construction within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — |
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.18.42 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container\nPlatform 4.18.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.18.42. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHSA-2026:17448\n\nSecurity Fix(es):\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url\n(CVE-2025-61726)\n* crypto/x509: golang: Denial of Service due to excessive resource\nconsumption via crafted certificate (CVE-2025-61729)\n* pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed\nRELATIVE-OID (CVE-2026-23490)\n* golang: archive/tar: Unbounded allocation when parsing GNU sparse map\n(CVE-2025-58183)\n* golang: archive/zip: Excessive CPU consumption when building archive\nindex in archive/zip (CVE-2025-61728)\n* crypto/tls: crypto/tls: Incorrect certificate validation during TLS\nsession resumption (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.18 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:17446",
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2430472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17446.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.18.42 packages and security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:34+00:00",
"generator": {
"date": "2026-07-04T06:05:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:17446",
"initial_release_date": "2026-05-20T11:57:59+00:00",
"revision_history": [
{
"date": "2026-05-20T11:57:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-20T11:57:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.18",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.18::el8"
}
}
},
{
"category": "product_name",
"name": "Ironic content for Red Hat OpenShift Container Platform 4.18",
"product": {
"name": "Ironic content for Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-IRONIC-4.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ironic:4.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-11.rhaos4.18.el8.src",
"product": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.src",
"product_id": "podman-5:5.2.2-11.rhaos4.18.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-11.rhaos4.18.el8?arch=src\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "python-pyasn1-0:0.5.1-4.el9.src",
"product": {
"name": "python-pyasn1-0:0.5.1-4.el9.src",
"product_id": "python-pyasn1-0:0.5.1-4.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyasn1@0.5.1-4.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_id": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-11.rhaos4.18.el8?arch=x86_64\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_id": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-11.rhaos4.18.el8?arch=aarch64\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_id": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-11.rhaos4.18.el8?arch=ppc64le\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_id": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-11.rhaos4.18.el8?arch=s390x\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"product": {
"name": "podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"product_id": "podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@5.2.2-11.rhaos4.18.el8?arch=noarch\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product": {
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product_id": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyasn1-doc@0.5.1-4.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product": {
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product_id": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyasn1@0.5.1-4.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product": {
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product_id": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyasn1-modules@0.5.1-4.el9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.src as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src"
},
"product_reference": "podman-5:5.2.2-11.rhaos4.18.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch"
},
"product_reference": "podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64"
},
"product_reference": "podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le"
},
"product_reference": "podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x"
},
"product_reference": "podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.18",
"product_id": "8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
},
"product_reference": "podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyasn1-0:0.5.1-4.el9.src as a component of Ironic content for Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src"
},
"product_reference": "python-pyasn1-0:0.5.1-4.el9.src",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch"
},
"product_reference": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch"
},
"product_reference": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.18",
"product_id": "9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
},
"product_reference": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to have a malicious zip archive processed by an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. For these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-23490",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T20:03:33.790513+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430472"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
],
"known_not_affected": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23490"
},
{
"category": "external",
"summary": "RHBZ#2430472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970",
"url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2",
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq",
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
}
],
"release_date": "2026-01-16T19:03:36.442000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T11:57:59+00:00",
"details": "For OpenShift Container Platform 4.18 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/release_notes/",
"product_ids": [
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.src",
"8Base-RHOSE-4.18:podman-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-catatonit-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-debugsource-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-docker-5:5.2.2-11.rhaos4.18.el8.noarch",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-gvproxy-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-plugins-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-remote-debuginfo-5:5.2.2-11.rhaos4.18.el8.x86_64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.aarch64",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.ppc64le",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.s390x",
"8Base-RHOSE-4.18:podman-tests-5:5.2.2-11.rhaos4.18.el8.x86_64",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.18:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.18:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID"
}
]
}
RHSA-2026:17595
Vulnerability from csaf_redhat - Published: 2026-05-20 13:36 - Updated: 2026-07-04 06:05
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | | Workaround |
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix; Workaround |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — | | Workaround |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | | Workaround |
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | | Vendor Fix: fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | ||
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | | Vendor Fix: fix |
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | ||
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src | — | Vendor Fix fix | |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch | — | Vendor Fix fix | |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch | — | Vendor Fix fix | |
| Unresolved product id: 9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch | — | Vendor Fix fix | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 | — | ||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.17.54 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container\nPlatform 4.17.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.17.54. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHSA-2026:17598\n\nSecurity Fix(es):\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url\n(CVE-2025-61726)\n* crypto/x509: golang: Denial of Service due to excessive resource\nconsumption via crafted certificate (CVE-2025-61729)\n* pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed\nRELATIVE-OID (CVE-2026-23490)\n* golang: archive/tar: Unbounded allocation when parsing GNU sparse map\n(CVE-2025-58183)\n* golang: archive/zip: Excessive CPU consumption when building archive\nindex in archive/zip (CVE-2025-61728)\n* crypto/tls: crypto/tls: Incorrect certificate validation during TLS\nsession resumption (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.17 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html-single/updating_clusters/index#updating-cluster-cli.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:17595",
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2430472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17595.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.17.54 packages and security update",
"tracking": {
"current_release_date": "2026-07-04T06:05:38+00:00",
"generator": {
"date": "2026-07-04T06:05:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:17595",
"initial_release_date": "2026-05-20T13:36:25+00:00",
"revision_history": [
{
"date": "2026-05-20T13:36:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-20T13:36:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T06:05:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Ironic content for Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Ironic content for Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-IRONIC-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ironic:4.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.17",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.17::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pyasn1-0:0.5.1-4.el9.src",
"product": {
"name": "python-pyasn1-0:0.5.1-4.el9.src",
"product_id": "python-pyasn1-0:0.5.1-4.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyasn1@0.5.1-4.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el9.src",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.src",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el9?arch=src\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el8.src",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.src",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el8?arch=src\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product": {
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product_id": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyasn1-doc@0.5.1-4.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product": {
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product_id": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyasn1@0.5.1-4.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product": {
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product_id": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyasn1-modules@0.5.1-4.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"product": {
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"product_id": "podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@5.2.2-18.rhaos4.17.el9?arch=noarch\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"product": {
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"product_id": "podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@5.2.2-18.rhaos4.17.el8?arch=noarch\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el9?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el8?arch=x86_64\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el9?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el8?arch=aarch64\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el9?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el8?arch=ppc64le\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el9?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_id": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.2.2-18.rhaos4.17.el8?arch=s390x\u0026epoch=5"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch"
},
"product_reference": "podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.src as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch"
},
"product_reference": "podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
},
"product_reference": "podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyasn1-0:0.5.1-4.el9.src as a component of Ironic content for Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src"
},
"product_reference": "python-pyasn1-0:0.5.1-4.el9.src",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyasn1-doc-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch"
},
"product_reference": "python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyasn1-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch"
},
"product_reference": "python3-pyasn1-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.17",
"product_id": "9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
},
"product_reference": "python3-pyasn1-modules-0:0.5.1-4.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. For these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"known_not_affected": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-23490",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-16T20:03:33.790513+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430472"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
],
"known_not_affected": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23490"
},
{
"category": "external",
"summary": "RHBZ#2430472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970",
"url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2",
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
},
{
"category": "external",
"summary": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq",
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
}
],
"release_date": "2026-01-16T19:03:36.442000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T13:36:25+00:00",
"details": "For OpenShift Container Platform 4.17 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/release_notes/",
"product_ids": [
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.src",
"8Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-catatonit-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el8.noarch",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-gvproxy-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el8.x86_64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.aarch64",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.ppc64le",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.s390x",
"8Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el8.x86_64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.src",
"9Base-RHOSE-4.17:podman-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-debugsource-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-docker-5:5.2.2-18.rhaos4.17.el9.noarch",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-plugins-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-remote-debuginfo-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.aarch64",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.ppc64le",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.s390x",
"9Base-RHOSE-4.17:podman-tests-5:5.2.2-18.rhaos4.17.el9.x86_64",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-0:0.5.1-4.el9.src",
"9Base-RHOSE-IRONIC-4.17:python-pyasn1-doc-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-0:0.5.1-4.el9.noarch",
"9Base-RHOSE-IRONIC-4.17:python3-pyasn1-modules-0:0.5.1-4.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.